Integration with SentinelOne

Advanced analytics for SentinelOne offers insightful reports on threat detection to help IT teams defend against threats and secure the environment efficiently. With this integration, you can easily slice and dice the SentinelOne data to track and respond to emerging threats and improve organizational efficiency.

General

1. What is Analytics Plus?
2. What are the highlights of this integration?

Setup

1. How do I integrate Analytics Plus with SentinelOne?
2. How long should I wait for my SentinelOne data to initially appear in Analytics Plus?
3. What should I do when the data synchronization fails?
4. How frequently can I synchronize my data?
5. Can I edit the synchronization settings?
6. Can I synchronize my SentinelOne data instantly?
7. How do I create custom reports over my SentinelOne data?
8. Can I set up the SentinelOne integration in existing workspaces of Analytics Plus?
9. Can I collect and report on data from several SentinelOne accounts in a single workspace?
10. How do I remove the SentinelOne setup?

Reporting Features

1. What are the report types supported by Analytics Plus?
2. Can I modify the pre-built reports that are offered as part of the SentinelOne integration?
3. How do I create reports using columns from different SentinelOne modules?
4. What are formulas in reports?
5. Is it possible to create custom formulas in Analytics Plus?
6. Can I modify the tables imported from SentinelOne?
7. Can I add new columns to the tables imported from SentinelOne?
8. Can I import new tables into the SentinelOne workspace?
9. Can I combine data from other sources with the data from SentinelOne, and create reports and dashboards?
10. What are Query Tables?

Sharing & Collaboration

1. How do I share reports, dashboards, and tables in Analytics Plus?
2. Why are my colleagues unable to access the reports I create?
3. Can other users create reports using the tables in the SentinelOne workspace?
4. Is it possible to share the same report to multiple users such that they each see different data?
5. Can I export a report or a dashboard?
6. How do I print the reports and dashboards created in Analytics Plus?
7. Can I email reports and dashboards at scheduled times?
8. Can I embed reports?

Help & Support

1. How do I get technical support on Analytics Plus?
2. Can I have get a personalized demo of this integration?

General

1. What is Analytics Plus?

Analytics Plus is a self-service business intelligence and analytics software that empowers you to transform complex IT data into actionable insights without the data scientists. It allows you to create intuitive reports and dashboards and collaborate with the team for informed decision-making.

Analytics Plus offers the following important capabilities:

• Import data from local files, web feeds, local and cloud databases, and cloud storage/drive.
• Displays data in an easy-to-view excel format.
• Build custom reports and dashboards easily with the drag-and-drop report builder.
• Visualize the reports in the form of charts, pivot tables, summary views, and tabular views.
• Organize and showcase the reports on dashboards along with KPIs.
• Bring out the hidden insights in your data in seconds with Zia, Analytics Plus' intelligent analytics assistant powered by Machine Learning and Artificial Intelligence.
• Create custom formulas using the built in formula engine that contains a wide range of mathematical, statistical, and logical functions.
• Share reports and dashboards with your colleagues easily, through a wide range of collaboration features.
• Export and publish reports and dashboards in various formats, and configure permissions and filters for the views.
• Supports out-of-the-box integrations with a wide number of applications to give you pre-built reports and dashboards on your application's data within minutes.

2. What are the highlights of this integration?

Analytics Plus seamlessly integrates with SentilOne, and enables you to do powerful analysis of your SentinelOne data and create insightful reports and dashboards. ‌On setting up this integration, the data from the modules listed below will be synchronized to Analytics Plus.

Setup

1. How do I integrate Analytics Plus with SentinelOne?

To integrate Analytics Plus with SentinelOne, follow the steps detailed in the below presentation.

2. How long should I wait for my SentinelOne data to initially appear in Analytics Plus?

After setting up the integration, you might have to wait sometime for the initial fetch to complete. Depending on the amount of data in your application, the reports and dashboards might take up to 5 minutes to display all the metrics. If you access the workspace before the initial fetch, it will not display any data.

3. What should I do when the data synchronization fails?

The import or synchronization process of your SentinelOne data can sometimes fail, due to a variety of reasons. Follow the below steps to resolve this.

1. Click the Data Sources button from the side panel. This opens the Data Sources summary page, which lists all the configured data sources in the workspace.

   

2. Navigate to the SentinelOne data source, and click the Re-Authenticate link.

   

You can also access the re-authenticate link from the data sources summary page. Click the Settings icon that appears on mouse over the SentinelOne data source and click the Re-Authenticate option.

4. How frequently can I synchronize my data?

Analytics Plus lets you synchronize your data every 24 hours. You can configure the time at which the synchronization should run.

5. Can I edit the synchronization settings?

To edit the connection and synchronization settings, follow the steps below:

1. Click the Data Sources option from the side panel. This opens the Data Sources summary page, which lists the data sources configured in the workspace.

   

2. Navigate to the SentinelOne data source, and click the Edit Setup link.
3. In the popup that appears, make the necessary changes and click Save.

   

You can also edit the setup from the Data Sources summary page.

1. Click the Settings icon that appears on the mouse over the SentinelOne data source and click the Edit Setup option.

   

2. In the popup that appears, make the necessary changes and click Save.

6. Can I synchronize my SentinelOne data instantly?

Yes. To do this, click the Data Sources option from the side panel. In the page that appears, navigate to the SentinelOne source and click the corresponding Sync Now button.

You can also access the SentinelOne data source page, and click Sync Now.

7. How do I create custom reports over my SentinelOne data?

You can easily create custom reports in the form of charts, pivot tables, summary, and tabular views in Analytics Plus. Click the corresponding links to learn more about creating reports. These reports can also be organized together to form intuitive dashboards. Refer this documentation to learn more about creating dashboards.

8. Can I set up the SentinelOne integration in existing workspaces of Analytics Plus?

Yes. Follow the steps below to do this.

• Open the required workspace, click the Create button from the side panel, and select the New Table / Import Data option.
• Select the SentinelOne tile from the Import Your Data screen that appears, and follow the setup procedure.

  

9. Can I collect and report on data from several SentinelOne accounts in a single workspace?

Yes. Analytics Plus allows you to import data from different SentinelOne accounts. To import additional account data, follow the steps below:

• Open the required workspace, click the Create button from the side panel, and select the New Table / Import Data option.
• Select the SentinelOne tile from the Import Your Data screen that appears, and follow the setup procedure.

  

10. How do I remove the SentinelOne setup?

• Open the required workspace, and click the Data Sources option from the side panel.
• Click the Settings icon that appears on mouse over the data source's name, and select Remove Data Source.

  

Reporting Features

1. What are the report types supported by Analytics Plus?

Analytics Plus supports a wide variety of reports, in the form of charts, pivot tables, summary views, and tabular views. To learn more about the various types of reports, click here. To know more about dashboards and KPI widgets, click here.

2. Can I modify the pre-built reports that are offered as part of the SolarWinds integration?

Yes. If you are the Server Administrator, or a workspace administrator of the workspace in which the integration is set up, click the Edit Design button in a report's toolbar and make the required changes. If you are a user with whom a report is shared, save a copy of the report by clicking the More Options icon > Save As, and modify the copied version as needed.

3. How do I create reports using columns from different SentinelOne modules?

Columns from different SentinelOnes are joined by default. Therefore, reports can be created over this data by simply dragging and dropping the respective columns in the report builder. Click here to learn more about creating reports.

4. What are formulas in reports?

Formulas are calculations that can be defined using the powerful formula engine to create required reports. Refer this documentation to know more. There are also several default formulas created based on the SentinelOne modules. To view the default formulas, open the required table, click Add, and select the Edit Formulas option.

5. Is it possible to create custom formulas in Analytics Plus?

Yes. Refer this documentation to learn more.

6. Can I modify the tables imported from SentinelOne?

The data from SentinelOne is synchronized with Analytics Plus automatically, and stored in the form of various tables. Therefore, it is not possible to add data or modify the existing data present in these tables.

7. Can I add new columns to the tables imported from SentinelOne?

No. However, you can add Formula Columns and Aggregate Formulas to these tables to create custom reports. Refer this documentation to know more.

8. Can I import new tables into the SentinelOne workspace?

Yes. To do this, open the SentinelOne Analytics workspace, click Create from the side panel and select the New Table / Import Data option. You can integrate with other applications or choose to import data stored in local files, web URLs, local databases, and cloud databases. Click the corresponding links to know more.

9. Can I combine data from other sources with the data from SentinelOne, and create reports and dashboards?

Yes. To do this, import or add a new table to the SentinelOne workspace and define a lookup relationship between the added data and the existing data in the workspace. To define a lookup relationship between two tables, it is essential that the tables have at least one column in common between them. Follow the below steps to establish a lookup relationship:

• Open the corresponding table, right click the column header, and select the Change to Lookup Column option.
• In the popup that appears, select the column from the second table to look up.
• Click Save & Close.

Click here to learn more about lookup columns.

10. What are Query Tables?

Using query tables, Analytics Plus allows you to import the required data by writing standard SQL queries. This feature also allows you to combine data from different tables and create reports from the combined data. Refer this documentation to know more.

Sharing & Collaboration

1. How do I share reports, dashboards, and tables in Analytics Plus?

You can share the out-of-the-box reports, dashboards, and tables, and the ones you create, with other users easily. Refer this documentation to know more.

2. Why are my colleagues unable to access the reports I create?

The SentinelOne workspace can be accessed only by the administrator who set up the integration. To allow other users to access the out-of-the-box reports and dashboards, you can share the reports and dashboards as needed. Refer this documentation to know more. You can also share the entire workspace with a user. Refer this documentation to know more.

3. Can other users create reports using the tables in the SentinelOne workspace?

Yes. To do this, share the required table with the users with the required permissions and filters.

4. Is it possible to share the same report to multiple users such that they each see different data?

Yes, you can do this by creating Variables. This allows you to share the report with several users, with associated filter criteria so that each user can access only the data specific to them. To learn more, refer this documentation.

5. Can I export a report or a dashboard?

Yes, you can export the report or dashboard in various formats such as CSV, EXCEL, PDF, HTML, and image. To learn more, refer this documentation.

6. How do I print the reports and dashboards created in Analytics Plus?

To do this, export the report or dashboard in the required format and print the exported file. To learn more about exporting a view in Analytics Plus, refer this documentation.

Note: To export a shared report or dashboard, the Export permission has to be enabled.

7. Can I email reports and dashboards at scheduled times?

Yes, you can easily set up email schedules. Refer this documentation to learn more.

8. Can I embed reports?

Yes. You can easily embed reports and dashboards into websites, applications, or blogs. Refer this documentation to know more.

Help & Support

1. How do I get technical support on Analytics Plus?

Technical support is free for all users, even during the trial period. You can contact the technical support team using the information below.

• Email: analyticsplus-support@manageengine.com
• Phone:
  • United States: +1 4695016108
  • United Kingdom: +44 2076602649
  • Australia: +61 892100050
  • India: +91-44-69656217

You can also get answers straight from our community.

2. Can I have get a personalized demo of this integration?

Yes, please register for a demo using the form on this page.