> For the complete documentation index, see [llms.txt](https://kb.rezonate.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://kb.rezonate.io/core-integrations/sentinelone-integration.md).

# SentinelOne integration

### Create Integration In Rezonate

Get your Webhook authentication Rezonate, this can be done via the Integrations Interface or Prelude CLI. Save generate-webhook output to be used in the following steps. To generate the webhook:

* Click on the settings button on the top right menu.
* Click on the Integration panel in Rezonate and then "New Integration".&#x20;
* Select S1 Integration and click Connect.

<figure><img src="/files/wdZoSJnxcft5qx0S6hnm" alt=""><figcaption></figcaption></figure>

* Select a name for the new integration (it can be any name) and click Save.
* Take note of the webhook URL, we will use it in the next step.

  <figure><img src="/files/txpJ5IJOAl1c1g4VJe5z" alt=""><figcaption></figcaption></figure>

### Create Webhook Destination in S1

<figure><img src="/files/F7FYViDfkZbeRObEqIsw" alt=""><figcaption></figcaption></figure>

* Select Singularity XDR Webhook, and click Configure.
* Click and expand the dropdown menu:
  * Select the box under **Response Actions**: **Make "Hooks" available as "Manual Response Actions" from Threats**
  * Select the Name for the configuration.
  * Select  **"Options for triggering"  and** Paste the webhook created in Step 1 to the **URL field**
  * Select POST in **Action,** and choose **Full Threat Details** in **Webhook Request Body**
  * Insert the following header into the **Headers**

    ```
    {"Content-Type": "application/json"}
    ```
  * Select **Always Send body**
  * Click **Next**
* Select your organization and site in the **Access Level**
* Click **Install**.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://kb.rezonate.io/core-integrations/sentinelone-integration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.