Integrating SentinelOne Singularity Data Lake with ConcealBrowse Integrating SentinelOne Singularity Data Lake with ConcealBrowse

Integrating SentinelOne Singularity Data Lake with ConcealBrowse

Description

If you're using SentinelOne Singularity Data Lake (formerly Skylight), you have the option to integrate that with ConcealBrowse. This allows metrics and data collected by Conceal to be seamlessly transferred into SentinelOne. This article will guide you through setting up the integration with ConcealBrowse.

Procedure

SentinelOne Singularity Data Lake

  1. In the SentinelOne management console, on the lefthand menu, click Visibility
  2. Note the domain in the browser, you will need it later (ex https://xdr.us1.sentinelone.net)
  3. Click your username at the top right, and choose API Keys
  4. Next to Log Access Keys, click +Add Key, choose Add Write Key
  5. Hover over the new key, and click the icon for Copy to clipboard
  6. Store the URL and API Key for the next steps

Conceal Dashboard

  1. Navigate to the Conceal dashboard at https://dashboard.conceal.io/ and login if necessary.
  2. Click on the section labeled Plugins on the left hand menu.
    Plugins_2.png
  3. Scroll down and in the PostProcess section, locate the SentinelOne Skylight tile and click the button labeled Configure.Screenshot 2024-01-10 at 1.23.03 PM.png
  4. Provide your SentinelOne Management URL
    - Example: https://xdr.us1.sentinelone.net (Do NOT include any paths, just the base URL, remove any trailing characters such as forward slashes)
  5. Provide the API key you generated and saved from the SentinelOne Management console
  6. Click the Enabled checkbox and Save Settings
  7. Click Test Configuration to send a sample event from the Conceal dashboard.

Screenshot 2024-01-10 at 1.27.53 PM.png

*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.