Antivirus/Malware/EDR on SolCyber Knowledgebasehttps://kb.solcyber.com/supported-data-sources-categories/antivirus-malware-edr/Recent content in Antivirus/Malware/EDR on SolCyber KnowledgebaseHugoenSentinelOnehttps://kb.solcyber.com/supported-data-sources-categories/antivirus-malware-edr/sentinel-one/Mon, 01 Jan 0001 00:00:00 +0000https://kb.solcyber.com/supported-data-sources-categories/antivirus-malware-edr/sentinel-one/<ul> <li>Log in to the SentinelOne <strong>Management Console</strong> using the <strong>Administrator</strong> username for the account.</li> <li>Copy and save the <strong>URL</strong> of your login.</li> <li><strong>Note:</strong> The host URL information will be similar to the following: <a href="https://usa-partners.sentinelone.net/">https://usa-partners.sentinelone.net/</a></li> <li>In the <strong>Management Console</strong>, click <strong>Settings</strong> &gt; <strong>USERS</strong>.</li> <li>Select your admin user account and click <strong>Generate API token</strong>.</li> </ul> <p><img src="https://kb.solcyber.com/assets/image%20%28227%29.png" alt="" /></p> <ul> <li>Copy and save the token</li> </ul> <p><img src="https://kb.solcyber.com/assets/image%20%28217%29.png" alt="" /></p> <blockquote class='book-hint note' ><div class="kb-alert-icon" aria-hidden="true"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="10"/><path d="M12 16v-4"/><path d="M12 8h.01"/></svg></div><div class="kb-alert-body"> <p><strong>Note:</strong> You will need to provide this token to SolCyber.</p>Crowdstrikehttps://kb.solcyber.com/supported-data-sources-categories/antivirus-malware-edr/crowdstrike/Mon, 01 Jan 0001 00:00:00 +0000https://kb.solcyber.com/supported-data-sources-categories/antivirus-malware-edr/crowdstrike/<h2 id="crowdstrike-falcon-streaming-api">CrowdStrike Falcon Streaming API<a class="anchor" href="#crowdstrike-falcon-streaming-api">#</a></h2> <ul> <li>Log in to Crowdstrike and then navigate to the <strong>Support and Resources &gt; API Clients and Keys</strong>.</li> </ul> <figure><img src="https://kb.solcyber.com/assets/Screenshot 2024-06-21 at 4.40.27 PM.png" alt="" width="407"><figcaption></figcaption></figure> <ul> <li>Click <strong>Create new API Client</strong>.</li> <li>Enter a name in <strong>Client Name</strong>.</li> </ul> <blockquote class='book-hint note' ><div class="kb-alert-icon" aria-hidden="true"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="10"/><path d="M12 16v-4"/><path d="M12 8h.01"/></svg></div><div class="kb-alert-body"> <p><strong>Example:</strong> Securonix_client.</p> </div> </blockquote> <ul> <li> <p>Select the <strong>Read</strong> right for the following options:</p> <ul> <li>Detections</li> <li>Incidents</li> <li>Event streams</li> </ul> </li> <li> <p>Click <strong>Create</strong>. The API client is now created.</p>