SentinelOne Singularity Data Lake

In this guide, you will integrate your SentinelOne Singularity Data Lake environment with Radiant.

You'll generate an API key in SentinelOne Singularity Data Lake to allow Radiant to query the endpoint telemetry events required for triage on demand.

At the end of this configuration, you will provide the following values:

• API Token

• API Base URL for example: https://xdr.us1.sentinelone.net

Prerequisites

• Admin role for the SentinelOne environment that you want to connect to Radiant Security.

Create the API Key

1. Log into your SentinelOne console with an Admin role account.

2. Hover your cursor over the SentinelOne logo to open the navigation pane.

3. Select Visibility to access Singularity Data Lake, this will redirect to a new console. Copy the URL of the SDL console as the value for the API Base URL.

4. In the top right corner, click on your username, and then click API Keys.

5. In the Log Access Keys section, click Add Key and Add Read Key to generate a new key.

6. Use the Copy to Clipboard button next to the key, or the Show Keys button to copy the key. You will need to provide this value to Radiant Security at the end of the configuration.

Add the data connector in Radiant Security

1. Log in to Radiant Security.

2. From the navigation menu, select Settings > Data Connectors and click + Add Connector.

3. Search for and select the SentinelOne Singularity Data Lake option from the list and then click Data Feeds.

4. Click Credentials.

5. Give the credential an identifiable name (e.g. SentinelOne SDL Credentials).

6. Under API Base URL, paste in your SentinelOne that you copied in step 3 of Create the API Key section.

7. Under API Token, paste the token key that you copied in step 6 of Create the API Key section.

What data Singularity Data Lake collects

Singularity Data Lake collects telemetry data only. To collect alerts and sensors information, you must pair Singularity Data Lake with the SentinelOne Deep Visibility integration by following this guide.