Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[sentinelone-incident-import] A connector that allows Incidents from a SentinelOne Account to be imported into an OpenCTI Instance #3510

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

[sentinelone-incident-import] A connector that allows Incidents from a SentinelOne Account to be imported into an OpenCTI Instance #3510

wants to merge 3 commits into from

Conversation

maximus-debski
Copy link

@maximus-debski maximus-debski commented Feb 27, 2025
edited by Powlinett
Loading

Proposed changes

  • Initial Creation of the SentinelOne Incident External Import Connector

Related issues

  • NA

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

NOTE: This connector's development occurred in the 'sentinelone-incidents' pull request. This is a fresh, new pull request that contains signed commits only. See #3270

@romain-filigran romain-filigran added this to the PRs backlog milestone Feb 27, 2025
@helene-nguyen helene-nguyen added the community use to identify PR from community label Feb 28, 2025
Powlinett
Powlinett requested changes Mar 10, 2025
View reviewed changes
Copy link
Member

@Powlinett Powlinett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thansk again for your contribution @maximus-debski 🙏
Unfortunaly I can't checkout to your branch due to an invalid path error, as there's a trailing space in the connector's directory. Would you mind remove it and leverage this change to remove "-import" and simply call the connector "sentinelone-incident" ? 😇
Thanks!

Powlinett
Powlinett reviewed Mar 12, 2025
View reviewed changes
external-import/sentinelone-incident-import/docker-compose.yml
version: '3'
services:
connector-sentinelone-incidents:
build: ./
Copy link
Member

@Powlinett Powlinett Mar 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed, please don't forget to update docker files according to the new connector's name.
Here the service's name should be sentinelone-incident and the build key should be replaced by image: opencti/sentinelone-incident:<version>.

@romain-filigran romain-filigran mentioned this pull request Mar 13, 2025
Closed
@SamuelHassine SamuelHassine force-pushed the master branch 3 times, most recently from e97d87b to cbdee1f Compare March 14, 2025 15:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Powlinett Powlinett Powlinett requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@Powlinett Powlinett

Labels
community use to identify PR from community
Projects
None yet
Milestone
PRs backlog
Development

Successfully merging this pull request may close these issues.
4 participants
@maximus-debski @Powlinett @helene-nguyen @romain-filigran