Skip to main content
Sign in

Creating an extended integration for SentinelOne assets

  • May 28, 2026 16:20
  • Updated

Let Oomnitza be your single source of truth!

You'll get complete visibility of your SentinelOne assets as data from SentinelOne is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and SentinelOne in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key asset and software information
  • Configurable reports to share information about assets and software with your colleagues and management such as corporate-wide reports that detail the distribution and status of the assets and software in your environment
  • Configurable workflows that you can create such as
    • Getting asset details, passphrases, and site information
    • Deleting asset tags

Navigation

small_blue_link.svg Updating the credentials

small_blue_link.svg Creating the asset integration

small_blue_link.svg Creating custom mappings

small_blue_link.svg Creating workflows

SentinelOne Delete Tag by ID

SentinelOne Get Asset Details

SentinelOne Get Asset Passphase

SentinelOne Get Asset Site Information

Before you start

To add credentials to the vault in Oomnitza and integrate SentinelOne with Oomnitza, you need to have the following information to hand:

  • Your SentinelOne API key. To generate an API key in SentinelOne:
    1. Log in to the Management Console as an Admin
    2. Navigate to Settings > Users
    3. Click on the Admin user you want to get a token for
      1. A new user should be created but is not required
    4. Click on the Generate link next to API Token
    5. A new window will open with the API Token.
    6. Click Copy
  • Your SentinelOne Customer Domain URL. The URL has the following format 
    https://<subdomain>.sentinelone.net or https://<subdomain>.sentinelone.com

Updating the credentials

To authorize connections between Oomnitza and SentinelOne, complete these steps:

Make life easier and add your credentials to Oomnitza before you create the integration.  

  1. In Oomnitza, click Configuration > Security > Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Add your API key.
  5. Click Create.

Integration not in the list? Click Advanced Mode and complete these steps:

  1. Add the information details.
  2. Click the AUTHORIZATION tab.
  3. Ensure that API Key is selected as the Authorization type.
  4. Ensure that the Token Name is Authorization
  5. Enter "ApiToken" followed by a space and the API Key. For example,ApiToken aefgd-adw3n-jknadd78l1kjndc.
  6. Ensure that Add to Header is selected.
  7. Save your changes.

You use the credentials that you added to create and customize your SentinelOne integrations with Oomnitza.

Creating the asset integration

  1. In Oomnitza, click Configuration> Integrations> Overview.
  2. Click Block view block_view.PNG
  3. Scroll down to the Extended section for asset integrations.
  4. Click NEW INTEGRATION.
  5. Select the integration in the sidebar.
  6. Click ADD.

Integration details overview

More information is provided about the following fields to help you complete the integration:

Software data

Depending on the asset integration, an option might be available to ingest desktop software information such as the name and version of the software installed on an asset. To view the software information in Oomnitza, you must have the software module. 

Installation types

  • Cloud. Store credentials in the Oomnitza cloud.
  • Local. Store credentials locally. If you want to sync Oomnitza with vendor applications that require AWS or OAUTH authentication, select cloud as the type of installation. Local installations don't support AWS and OAuth authentication. 

Integration preferences

  • Create & Update. Add and update records.
  • Create only. Add records.
  • Update only. Update records.

Integration details

To review or update the integrations details, click Edit edit_black_pencil_icon.svg.

TipBulb_Icon_small.svg When you edit the Integration details section, you can select the name or names of integration contacts.  Integration contacts will receive an in-app notification and an email, when the integration fails, when the integration fails to complete within 24 hours, or when the scheduled integration fails to run.

  1. Update the integration name.
  2. Select an installation type.
  3. For integration preferences, select an option.
  4. Enter the name of the integration user.  

Credential details

If you selected Cloud as the installation type, choose one of the following options:

  • Select the credentials that were created for the integration.
  • Edit the credentials that were created for the integration.
  • Create new credentials

Scheduling the integration

By default, data is synced once every day. Change the interval or the time so that the data is streamed when your system isn't busy.

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make and save your changes.

Mapping fields to Oomnitza

To map the fields to Oomnitza, click Edit edit_black_pencil_icon.svg.

 cog_red_dot_small_icon.svg Select Edit integration to add rules for syncing data. small_blue_link.svg Filtering integration results.  

Click SMART MAPPING.

You can add new fields to your integration by selecting Add new field  add_grey_rectangel_icon.svg on the mapping page. 
small_blue_link.svg Creating custom API fields. 

Creating custom mappings

Map the SentinelOne fields to Oomnitza fields and create custom mappings to get the user information that you need.

Complete these actions:

  1. You must create a custom mapping for the SentinelOne Device Id field. To do this, complete these steps:
    1. Click the down arrow on the Id field.
    2. Select Add new Oomnitza assets field.
    3. Change the name of the Id field to SentinelOne Device Id
    4. Click CREATE
  2. Create custom mappings to map any other field that you want to add to Oomnitza:
    1. Click the down arrow on the field that you want to map.
    2. Select Add new Oomnitza assets field.
    3. Change the name of the field.
    4. Click CREATE
  3. Assign a sync key to the Email field.
  4. Click UPDATE

Tracking information for asset loads 

When the integration is run, you can track the name of the credentials that were used and the source of the data. To do this, you map the following fields to Oomnitza:   

  • Connect: Credentials
  • Connect: Customer Domain URL

Custom mappings

Account Id
Account Name
Active Directory Computer Distinguished Name
Active Directory Last User Distinguished Name
Active Threats
Agent Version
Apps Vulnerability Status
Computer Name
Connector Sync Time
Console Migration Status
Core Count
Cpu Count
Cpu Id
Created At
Customer Domain URL
Detection State
Domain
External Id
External Ip
First Full Mode Time
Group Id
Group Ip
Group Name
Id
Installer Type
Is Active
Is Allow Remote Shell
Is Decommissioned
Is Encrypted Applications
Is Firewall Enabled
Is In Remote Shell Session
Is Infected
Is Location Enabled
Is Network Quarantine Enabled
Is Pending Uninstall
Is Threat Reboot Required
Is Uninstalled
Is Up To Date
Last Active Date
Last Ip To Mgmt
Last Logged In User Name
License Key
Location Type
Machine Type
Mitigation Mode
Mitigation Mode Suspicious
Model Name
Network Status
Operational State
Operational State Expiration
Os Arch
Os Name
Os Revision
Os Start Time
Os Type
Os Username
Ranger Status
Ranger Version
Registered At
Remote Profiling State
Remote Profiling State Expiration
Scan Aborted At
Scan Finished At
Scan Started At
Scan Status
Site Id
Site Name
Storage Name
Storage Type
Total Memory
Updated At
Uuid

Launching the integration

Your integration is in Draft mode until the required mandatory fields are added. When added, click Launch to activate your integration. 

small_blue_link.svg If you selected Cloud as the installation type when creating the integration, see Running an extended integration

small_blue_link.svg If you selected Local as the installation type when creating the integration, see Running an extended integration locally.

Viewing data ingested by Oomnitza

Viewing ingested asset data

For asset integrations, click Hardware. If the asset integration also ingests software data, click Software.

Viewing ingested user data

For user integrations, click People. If you chose the option to ingest User and SaaS user data, click Software > SaaS, click the SaaS app, and then click the Users tab. 

Related Links

Creating workflows

To reduce your workload and automate complex and repetitive tasks, you can create asset workflows with the API block by following the steps in Using the API block. When creating the asset workflows with the API block for SentinelOne, the following specific configuration is required:

  • To locate the available presets, enter SentinelOne in the Select Preset search field. The SentinelOne API block workflow comes with the following presets:

    SentinelOne Delete Tag by ID
    SentinelOne Get Asset Details
    SentinelOne Get Asset Passphase
    SentinelOne Get Asset Site Information


  • In the Configure section, enter the following details:
    1. The SentinelOne URL, if it was not already added as a global variable. For further information, refer to Setting the SentinelOne URL as a global variable.
    2. Your SentinelOne Credentials that you created in Updating the credentials. 

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets, learn how to:

      • Configure dashboards for your users and software
      • Configure custom reports about your users and software
      • Create workflows to automate tasks

See small_blue_link.svg Getting started

See Creating workflows to find out more about how to create workflows with SentinelOne.

 

Did you know
You can also create extended connector integrations for SentinelOne Users.
small_blue_link.svg  Extended Integration for SentinelOne Users

Related articles

Comments

0 comments

Please sign in to leave a comment.