SentinelOne

Version: 1.1.1

Cyber security that prevents threats at faster speed, greater scale, and higher accuracy than humanly possible.

Connect SentinelOne with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for SentinelOne.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Server URL: API URL for SentinelOne. Example: https://host/web/api/v2.1
    • Token: Token for authentication with SentinelOne server.
  4. After you've entered all the details, click Connect.

Actions for SentinelOne

Connects Agent To Network

Connects agent to network

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Agent ID

Jinja-templated agent ID which is to be connected to the network. Example: {{agent_id_column}}

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Connects Agent To Network Data
{
   "locations":null,
   "osStartTime":"2021-01-12T20:40:27Z",
   "rangerVersion":null,
   "cloudProviders":{
      
   },
   "osArch":"64 bit",
   "licenseKey":"",
   "updatedAt":"2021-09-06T16:36:34.926026Z",
   "externalId":"",
   "networkInterfaces":[
      {
         "name":"ens3",
         "gatewayIp":"10.0.0.1",
         "inet6":[
            
         ],
         "gatewayMacAddress":"00:00:17:31:2e:8e",
         "id":"1184207949927894021",
         "inet":[
            "10.0.0.2"
         ],
         "physical":"02:00:17:09:AC:E4"
      },
      {
         "name":"docker0",
         "gatewayIp":null,
         "inet6":[
            
         ],
         "gatewayMacAddress":null,
         "id":"1184207949927894022",
         "inet":[
            "172.17.0.1"
         ],
         "physical":"02:42:2D:5A:F2:4C"
      }
   ],
   "lastActiveDate":"2021-09-06T16:35:30.729725Z",
   "networkStatus":"connecting",
   "locationEnabled":false,
   "lastIpToMgmt":"10.0.0.2",
   "accountName":"SentinelOne",
   "threatRebootRequired":false,
   "scanStartedAt":"2021-06-22T21:30:56.771107Z",
   "domain":"sub01122036110.default.oraclevcn.com",
   "uuid":"8680d9d2-16d3-2915-b736-2b4d2f4d6faf",
   "lastLoggedInUserName":"",
   "networkQuarantineEnabled":false,
   "isUninstalled":false,
   "scanStatus":"finished",
   "userActionsNeeded":[
      
   ],
   "osUsername":"root",
   "cpuCount":1,
   "storageType":null,
   "coreCount":2,
   "isPendingUninstall":false,
   "firewallEnabled":true,
   "accountId":"433241117337583618",
   "mitigationMode":"protect",
   "activeThreats":0,
   "registeredAt":"2021-06-22T21:29:48.386746Z",
   "machineType":"server",
   "groupId":"1184166245199854505",
   "infected":false,
   "modelName":"QEMU Standard PC (i440FX + PIIX, 1996)",
   "consoleMigrationStatus":"N/A",
   "storageName":null,
   "has_error":false,
   "siteName":"LogicHub",
   "id":"1184207949919505412",
   "scanFinishedAt":"2021-06-23T00:03:51.386826Z",
   "error":null,
   "remoteProfilingStateExpiration":null,
   "installerType":".rpm",
   "groupName":"Default Group",
   "encryptedApplications":false,
   "remoteProfilingState":"disabled",
   "osType":"linux",
   "totalMemory":688,
   "externalIp":"129.213.58.77",
   "createdAt":"2021-06-22T21:29:48.389992Z",
   "osName":"Linux",
   "isActive":true,
   "agentVersion":"21.6.3.7",
   "inRemoteShellSession":false,
   "isUpToDate":true,
   "allowRemoteShell":true,
   "cpuId":"AMD EPYC 7551 32-Core Processor",
   "mitigationModeSuspicious":"detect",
   "isDecommissioned":false,
   "siteId":"1184166245183077288",
   "computerName":"instance-20210112-1436",
   "locationType":"not_supported",
   "operationalStateExpiration":null,
   "rangerStatus":"NotApplicable",
   "scanAbortedAt":null,
   "activeDirectory":{
      "computerDistinguishedName":null,
      "lastUserMemberOf":[
         
      ],
      "computerMemberOf":[
         
      ],
      "lastUserDistinguishedName":null
   },
   "operationalState":"na",
   "osRevision":"Oracle Server release 7.9 5.4.17-2036.102.0.2.el7uek.x86_64",
   "appsVulnerabilityStatus":"not_applicable",
   "groupIp":"129.213.58.x"
}

Disconnects Agent From Network

Disconnects agent from network

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Agent ID

Jinja-templated agent ID which is to be disconnected from the network. Example: {{agent_id_column}}

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Disconnects Agent From Network Data
{
   "locations":null,
   "osStartTime":"2021-01-12T20:40:27Z",
   "rangerVersion":null,
   "cloudProviders":{
      
   },
   "osArch":"64 bit",
   "licenseKey":"",
   "updatedAt":"2021-09-06T16:36:34.926026Z",
   "externalId":"",
   "networkInterfaces":[
      {
         "name":"ens3",
         "gatewayIp":"10.0.0.1",
         "inet6":[
            
         ],
         "gatewayMacAddress":"00:00:17:31:2e:8e",
         "id":"1184207949927894021",
         "inet":[
            "10.0.0.2"
         ],
         "physical":"02:00:17:09:AC:E4"
      },
      {
         "name":"docker0",
         "gatewayIp":null,
         "inet6":[
            
         ],
         "gatewayMacAddress":null,
         "id":"1184207949927894022",
         "inet":[
            "172.17.0.1"
         ],
         "physical":"02:42:2D:5A:F2:4C"
      }
   ],
   "lastActiveDate":"2021-09-06T16:35:30.729725Z",
   "networkStatus":"connecting",
   "locationEnabled":false,
   "lastIpToMgmt":"10.0.0.2",
   "accountName":"SentinelOne",
   "threatRebootRequired":false,
   "scanStartedAt":"2021-06-22T21:30:56.771107Z",
   "domain":"sub01122036110.default.oraclevcn.com",
   "uuid":"8680d9d2-16d3-2915-b736-2b4d2f4d6faf",
   "lastLoggedInUserName":"",
   "networkQuarantineEnabled":false,
   "isUninstalled":false,
   "scanStatus":"finished",
   "userActionsNeeded":[
      
   ],
   "osUsername":"root",
   "cpuCount":1,
   "storageType":null,
   "coreCount":2,
   "isPendingUninstall":false,
   "firewallEnabled":true,
   "accountId":"433241117337583618",
   "mitigationMode":"protect",
   "activeThreats":0,
   "registeredAt":"2021-06-22T21:29:48.386746Z",
   "machineType":"server",
   "groupId":"1184166245199854505",
   "infected":false,
   "modelName":"QEMU Standard PC (i440FX + PIIX, 1996)",
   "consoleMigrationStatus":"N/A",
   "storageName":null,
   "has_error":false,
   "siteName":"LogicHub",
   "id":"1184207949919505412",
   "scanFinishedAt":"2021-06-23T00:03:51.386826Z",
   "error":null,
   "remoteProfilingStateExpiration":null,
   "installerType":".rpm",
   "groupName":"Default Group",
   "encryptedApplications":false,
   "remoteProfilingState":"disabled",
   "osType":"linux",
   "totalMemory":688,
   "externalIp":"129.213.58.77",
   "createdAt":"2021-06-22T21:29:48.389992Z",
   "osName":"Linux",
   "isActive":true,
   "agentVersion":"21.6.3.7",
   "inRemoteShellSession":false,
   "isUpToDate":true,
   "allowRemoteShell":true,
   "cpuId":"AMD EPYC 7551 32-Core Processor",
   "mitigationModeSuspicious":"detect",
   "isDecommissioned":false,
   "siteId":"1184166245183077288",
   "computerName":"instance-20210112-1436",
   "locationType":"not_supported",
   "operationalStateExpiration":null,
   "rangerStatus":"NotApplicable",
   "scanAbortedAt":null,
   "activeDirectory":{
      "computerDistinguishedName":null,
      "lastUserMemberOf":[
         
      ],
      "computerMemberOf":[
         
      ],
      "lastUserDistinguishedName":null
   },
   "operationalState":"na",
   "osRevision":"Oracle Server release 7.9 5.4.17-2036.102.0.2.el7uek.x86_64",
   "appsVulnerabilityStatus":"not_applicable",
   "groupIp":"129.213.58.x"
}

Create Query

Runs a Deep Visibility Query and returns the queryId. You can use the queryId for all other commands, such as the sentinelone-get-events command.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Query

Jinja-templated query used for creating the query. Example: EndpointName exists.

Required

From Date

Jinja-templated from date used for creating the query. Format: %Y-%m-%dT%H:%M:%SZ, Example: 2021-06-22T21:29:48Z

Required

To Date

Jinja-templated to date used for creating the query. Format: %Y-%m-%dT%H:%M:%SZ, Example: 2021-06-22T21:29:48Z

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Create Query Data
{
   "has_error":false,
   "data":{
      "queryId":"qe4080a5f8088b188b423b9edcc768252"
   },
   "error":null
}

Get Agent

Get agent details by agent ID

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Agent ID

Jinja-templated agent ID which is to be fetched. Example: {{agent_id_column}}

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Get Agent Data
{
   "locations":null,
   "osStartTime":"2021-01-12T20:40:27Z",
   "rangerVersion":null,
   "cloudProviders":{
      
   },
   "osArch":"64 bit",
   "licenseKey":"",
   "updatedAt":"2021-09-06T04:27:29.724745Z",
   "externalId":"",
   "networkInterfaces":[
      {
         "name":"ens3",
         "gatewayIp":"10.0.0.1",
         "inet6":[
            
         ],
         "gatewayMacAddress":"00:00:17:31:2e:8e",
         "id":"1184207949927894021",
         "inet":[
            "10.0.0.2"
         ],
         "physical":"02:00:17:09:AC:E4"
      },
      {
         "name":"docker0",
         "gatewayIp":null,
         "inet6":[
            
         ],
         "gatewayMacAddress":null,
         "id":"1184207949927894022",
         "inet":[
            "172.17.0.1"
         ],
         "physical":"02:42:2D:5A:F2:4C"
      }
   ],
   "lastActiveDate":"2021-09-06T16:32:30.729967Z",
   "networkStatus":"connected",
   "locationEnabled":false,
   "lastIpToMgmt":"10.0.0.2",
   "accountName":"SentinelOne",
   "threatRebootRequired":false,
   "scanStartedAt":"2021-06-22T21:30:56.771107Z",
   "domain":"sub01122036110.default.oraclevcn.com",
   "uuid":"8680d9d2-16d3-2915-b736-2b4d2f4d6faf",
   "lastLoggedInUserName":"",
   "networkQuarantineEnabled":false,
   "isUninstalled":false,
   "scanStatus":"finished",
   "userActionsNeeded":[
      
   ],
   "osUsername":"root",
   "cpuCount":1,
   "storageType":null,
   "coreCount":2,
   "isPendingUninstall":false,
   "firewallEnabled":true,
   "accountId":"433241117337583618",
   "mitigationMode":"protect",
   "activeThreats":0,
   "registeredAt":"2021-06-22T21:29:48.386746Z",
   "machineType":"server",
   "groupId":"1184166245199854505",
   "infected":false,
   "modelName":"QEMU Standard PC (i440FX + PIIX, 1996)",
   "consoleMigrationStatus":"N/A",
   "storageName":null,
   "has_error":false,
   "siteName":"LogicHub",
   "id":"1184207949919505412",
   "scanFinishedAt":"2021-06-23T00:03:51.386826Z",
   "error":null,
   "remoteProfilingStateExpiration":null,
   "installerType":".rpm",
   "groupName":"Default Group",
   "encryptedApplications":false,
   "remoteProfilingState":"disabled",
   "osType":"linux",
   "totalMemory":688,
   "externalIp":"129.213.58.77",
   "createdAt":"2021-06-22T21:29:48.389992Z",
   "osName":"Linux",
   "isActive":true,
   "agentVersion":"21.6.3.7",
   "inRemoteShellSession":false,
   "isUpToDate":true,
   "allowRemoteShell":true,
   "cpuId":"AMD EPYC 7551 32-Core Processor",
   "mitigationModeSuspicious":"detect",
   "isDecommissioned":false,
   "siteId":"1184166245183077288",
   "computerName":"instance-20210112-1436",
   "locationType":"not_supported",
   "operationalStateExpiration":null,
   "rangerStatus":"NotApplicable",
   "scanAbortedAt":null,
   "activeDirectory":{
      "computerDistinguishedName":null,
      "lastUserMemberOf":[
         
      ],
      "computerMemberOf":[
         
      ],
      "lastUserDistinguishedName":null
   },
   "operationalState":"na",
   "osRevision":"Oracle Server release 7.9 5.4.17-2036.102.0.2.el7uek.x86_64",
   "appsVulnerabilityStatus":"not_applicable",
   "groupIp":"129.213.58.x"
}

Get Events

Fetch all deep visibility events that match the query.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Query ID

Jinja-templated query ID which is to be fetched. Example: {{query_id_column}}

Required

Limit

Limit for number of events to be fetched. (Default is 100000)

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Get Events Data
{
   "has_error":false,
   "noResults":"no results returned",
   "error":null
}

List Agents

List all agents matching the input filter

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Minimum Active Threats

Jinja-templated minimum active threats. Agents with active threats greater than this value will be fetched. Example: {{minimum_active_threats}}

Required

Computer Name

Jinja-templated computer name. Example: {{computer_name_column}}

Required

Scan Status

Jinja-templated scan status. Example: {{scan_status_column}}

Required

OS Type

Jinja-templated OS type. Example: {{os_type_column}}

Required

Created At

Jinja-templated date representing created date of the agent. Format: %Y-%m-%dT%H:%M:%SZ, Example: 2021-06-22T21:29:48Z

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: List Agents Data
{
   "locations":null,
   "osStartTime":"2021-01-12T20:40:27Z",
   "rangerVersion":null,
   "cloudProviders":{
      
   },
   "osArch":"64 bit",
   "licenseKey":"",
   "updatedAt":"2021-09-06T04:27:29.724745Z",
   "externalId":"",
   "networkInterfaces":[
      {
         "gatewayIp":"10.0.0.1",
         "gatewayMacAddress":"00:00:17:31:2e:8e",
         "id":"1184207949927894021",
         "inet":[
            "10.0.0.2"
         ],
         "inet6":[
            
         ],
         "name":"ens3",
         "physical":"02:00:17:09:AC:E4"
      },
      {
         "gatewayIp":null,
         "gatewayMacAddress":null,
         "id":"1184207949927894022",
         "inet":[
            "172.17.0.1"
         ],
         "inet6":[
            
         ],
         "name":"docker0",
         "physical":"02:42:2D:5A:F2:4C"
      }
   ],
   "lastActiveDate":"2021-09-06T16:19:00.729942Z",
   "networkStatus":"connected",
   "locationEnabled":false,
   "lastIpToMgmt":"10.0.0.2",
   "accountName":"SentinelOne",
   "threatRebootRequired":false,
   "scanStartedAt":"2021-06-22T21:30:56.771107Z",
   "domain":"sub01122036110.default.oraclevcn.com",
   "uuid":"8680d9d2-16d3-2915-b736-2b4d2f4d6faf",
   "lastLoggedInUserName":"",
   "networkQuarantineEnabled":false,
   "isUninstalled":false,
   "scanStatus":"finished",
   "userActionsNeeded":[
      
   ],
   "osUsername":"root",
   "cpuCount":1,
   "storageType":null,
   "coreCount":2,
   "isPendingUninstall":false,
   "firewallEnabled":true,
   "accountId":"433241117337583618",
   "mitigationMode":"protect",
   "activeThreats":0,
   "registeredAt":"2021-06-22T21:29:48.386746Z",
   "machineType":"server",
   "groupId":"1184166245199854505",
   "infected":false,
   "modelName":"QEMU Standard PC (i440FX + PIIX, 1996)",
   "consoleMigrationStatus":"N/A",
   "storageName":null,
   "has_error":false,
   "siteName":"LogicHub",
   "id":"1184207949919505412",
   "scanFinishedAt":"2021-06-23T00:03:51.386826Z",
   "error":null,
   "remoteProfilingStateExpiration":null,
   "installerType":".rpm",
   "groupName":"Default Group",
   "encryptedApplications":false,
   "remoteProfilingState":"disabled",
   "osType":"linux",
   "totalMemory":688,
   "externalIp":"129.213.58.77",
   "createdAt":"2021-06-22T21:29:48.389992Z",
   "osName":"Linux",
   "isActive":true,
   "agentVersion":"21.6.3.7",
   "inRemoteShellSession":false,
   "isUpToDate":true,
   "allowRemoteShell":true,
   "cpuId":"AMD EPYC 7551 32-Core Processor",
   "mitigationModeSuspicious":"detect",
   "isDecommissioned":false,
   "siteId":"1184166245183077288",
   "computerName":"instance-20210112-1436",
   "locationType":"not_supported",
   "operationalStateExpiration":null,
   "rangerStatus":"NotApplicable",
   "scanAbortedAt":null,
   "activeDirectory":{
      "computerDistinguishedName":null,
      "computerMemberOf":[
         
      ],
      "lastUserDistinguishedName":null,
      "lastUserMemberOf":[
         
      ]
   },
   "operationalState":"na",
   "osRevision":"Oracle Server release 7.9 5.4.17-2036.102.0.2.el7uek.x86_64",
   "appsVulnerabilityStatus":"not_applicable",
   "groupIp":"129.213.58.x"
}

Shutdown Agent

Shutdown agent via filters

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Query

Jinja-templated query for shutting down the agents. Example: {{query_column}}

Required

Agent IDs

Jinja-templated comma separated Agent IDs which are to be shutdown. Example: {{agent_id_column}}

Required

Group IDs

Jinja-templated comma separated Group ID. Example: {{group_id_column}}

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Shutdown Agent Data
{
   "locations":null,
   "osStartTime":"2021-01-12T20:40:27Z",
   "rangerVersion":null,
   "cloudProviders":{
      
   },
   "osArch":"64 bit",
   "licenseKey":"",
   "updatedAt":"2021-09-06T16:36:34.926026Z",
   "externalId":"",
   "networkInterfaces":[
      {
         "name":"ens3",
         "gatewayIp":"10.0.0.1",
         "inet6":[
            
         ],
         "gatewayMacAddress":"00:00:17:31:2e:8e",
         "id":"1184207949927894021",
         "inet":[
            "10.0.0.2"
         ],
         "physical":"02:00:17:09:AC:E4"
      },
      {
         "name":"docker0",
         "gatewayIp":null,
         "inet6":[
            
         ],
         "gatewayMacAddress":null,
         "id":"1184207949927894022",
         "inet":[
            "172.17.0.1"
         ],
         "physical":"02:42:2D:5A:F2:4C"
      }
   ],
   "lastActiveDate":"2021-09-06T16:35:30.729725Z",
   "networkStatus":"connecting",
   "locationEnabled":false,
   "lastIpToMgmt":"10.0.0.2",
   "accountName":"SentinelOne",
   "threatRebootRequired":false,
   "scanStartedAt":"2021-06-22T21:30:56.771107Z",
   "domain":"sub01122036110.default.oraclevcn.com",
   "uuid":"8680d9d2-16d3-2915-b736-2b4d2f4d6faf",
   "lastLoggedInUserName":"",
   "networkQuarantineEnabled":false,
   "isUninstalled":false,
   "scanStatus":"finished",
   "userActionsNeeded":[
      
   ],
   "osUsername":"root",
   "cpuCount":1,
   "storageType":null,
   "coreCount":2,
   "isPendingUninstall":false,
   "firewallEnabled":true,
   "accountId":"433241117337583618",
   "mitigationMode":"protect",
   "activeThreats":0,
   "registeredAt":"2021-06-22T21:29:48.386746Z",
   "machineType":"server",
   "groupId":"1184166245199854505",
   "infected":false,
   "modelName":"QEMU Standard PC (i440FX + PIIX, 1996)",
   "consoleMigrationStatus":"N/A",
   "storageName":null,
   "has_error":false,
   "siteName":"LogicHub",
   "id":"1184207949919505412",
   "scanFinishedAt":"2021-06-23T00:03:51.386826Z",
   "error":null,
   "remoteProfilingStateExpiration":null,
   "installerType":".rpm",
   "groupName":"Default Group",
   "encryptedApplications":false,
   "remoteProfilingState":"disabled",
   "osType":"linux",
   "totalMemory":688,
   "externalIp":"129.213.58.77",
   "createdAt":"2021-06-22T21:29:48.389992Z",
   "osName":"Linux",
   "isActive":true,
   "agentVersion":"21.6.3.7",
   "inRemoteShellSession":false,
   "isUpToDate":true,
   "allowRemoteShell":true,
   "cpuId":"AMD EPYC 7551 32-Core Processor",
   "mitigationModeSuspicious":"detect",
   "isDecommissioned":false,
   "siteId":"1184166245183077288",
   "computerName":"instance-20210112-1436",
   "locationType":"not_supported",
   "operationalStateExpiration":null,
   "rangerStatus":"NotApplicable",
   "scanAbortedAt":null,
   "activeDirectory":{
      "computerDistinguishedName":null,
      "lastUserMemberOf":[
         
      ],
      "computerMemberOf":[
         
      ],
      "lastUserDistinguishedName":null
   },
   "operationalState":"na",
   "osRevision":"Oracle Server release 7.9 5.4.17-2036.102.0.2.el7uek.x86_64",
   "appsVulnerabilityStatus":"not_applicable",
   "groupIp":"129.213.58.x"
}

Dashboard Threat Summary

Dashboard threat summary for sites and groups

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Site IDs

Jinja-templated comma separated site IDs for which threat summary needs to be pulled. Example: {{site_id_column}}

Required

Group IDs

Jinja-templated comma separated group IDs. Example: {{group_id_column}}

Required

Time between consecutive API requests (in millis)

Time to wait between consecutive API requests in milliseconds. (Default is 0 milliseconds).

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: Dashboard Threat Summary Data
{
   "has_error":false,
   "data":{
      "notResolved":0,
      "resolved":0,
      "suspiciousNotMitigatedNotResolved":0,
      "suspiciousNotResolved":0,
      "notMitigatedNotResolved":0,
      "inProgress":0,
      "total":0,
      "maliciousNotResolved":0,
      "notMitigated":0
   },
   "error":null
}

Release Notes

  • v1.1.1 - Added documentation link in the automation library.

Did this page help you?
© 2017-2021 LogicHub®. All Rights Reserved.