Ingesting events using SentinelOne
Configure SentinelOne to ingest Push webhook logs. You'll need the following information from SentinelOne to get started:
Ingest URL
Authorization token
Account ID (e.g. site ID)
Identify your ingest URL
Your ingest URL should follow the pattern of https://ingest.us1.sentinelone.net, where us1 is the deployment region that hosts your SentinelOne console. To find the URL for your data center, see Required services and ports for Console communication.
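As an added example (not part of the Push or SentinelOne documentation), the following Python check confirms that a copied ingest URL matches the pattern above before the authorization token is paired with it. The function name, the allowed region characters and the sample URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: region labels are short lowercase alphanumerics such as "us1".
_HOST_RE = re.compile(r"ingest\.[a-z0-9]{2,12}\.sentinelone\.net")


def check_ingest_url(url):
    """Return a list of problems; an empty list means the URL fits the pattern."""
    problems = []
    try:
        parts = urlsplit(url.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        return [f"not parseable as a URL: {exc}"]
    if parts.scheme != "https":
        problems.append("scheme must be https so the token is not sent in clear text")
    if parts.username is not None or parts.password is not None:
        problems.append("userinfo before '@' hides the real destination host")
    host = parts.hostname or ""
    # fullmatch rejects look-alike suffixes and prefixes around the expected name
    if not _HOST_RE.fullmatch(host):
        problems.append(f"host {host!r} is not ingest.<region>.sentinelone.net")
    if port not in (None, 443):
        problems.append(f"unexpected port {port}")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        problems.append("expected the bare base URL without path, query or fragment")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real tenant data.
    samples = [
        "https://ingest.us1.sentinelone.net",
        "http://ingest.us1.sentinelone.net",
        "https://ingest.us1.sentinelone.net@collector.example",
        "https://ingest.us1.sentinelone.net.collector.example",
    ]
    for sample in samples:
        issues = check_ingest_url(sample)
        print(sample, "->", "OK" if not issues else "; ".join(issues))
```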
Generate an authorization token
In your SentinelOne console, go to Policies and settings > Service users and create a new service user.

Select New service user and complete the required details. Note the API token value that is generated.
When you create the integration in Push, you'll use this value as the Authorization token.
Find your account ID
In the SentinelOne console, go to Policies and settings > Accounts. Select the account you wish to integrate with Push and then copy the account ID.

When you create the integration in Push, you'll use this ID as the Site / Account ID.
Configure the integration in Push
You can now create the integration on the Push side. In the Push admin console, go to Settings > Integrations and select the SentinelOne tile. From the slideout, enter the ingest URL, authorization token, and site / account ID.