SentinelOne - Get Blocklist Items
Details
This atomic belongs to the SentinelOne atomic group.
Get a list of all the items on the blocklist from SentinelOne.
Target: SentinelOne integration target or an HTTP Endpoint for "your-tenant.sentinelone.net" with a path of "/web/api/v2.1"
Account Key: None if using an integration-provided target, API token if using an HTTP endpoint target
Steps:
[] Generate the authorization header
[] Build the query string
[] Fetch the blocklist items
[] Check if the request was successful:
[]> If it was, attempt to extract the results and set the output variables
[]> If it wasn't, output an error
More information about this API can be found in the SentinelOne documentation
About
Integration
Authorship
Cisco Managed