Closed swaybs closed 2 months ago
you must have an account on sentinel one.
Are you saying I need an account with Sentinel One to use the Microsoft Sentinel stream connector? They are two different products.
You will need to create a new Entra ID app registration with the permissions to read/write ThreatIntelligenceIndicators and then create a new secret for it - this will give you the values that you need
@swaybs Is your problem solved? FYI: I transfer the issue in "connectors" project
@swaybs : any news ?
Prerequisites
Description
I am trying to set up the MS Sentinel Stream connector. My current setup is running internally on a RHEL 8 server running OpenCTI within docker. I can't seem to find any proper instructions on how to set this up besides parameters that need to be entered in the connector.
Environment
Additional information
ERROR:
I see the
CLIENT_ID
andCLIENT_SECRET
that need to be supplied, but I have no idea where I am supposed to generate those from.Any help would be greatly appreciated! Thanks in advance.