It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-6)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda XDR

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-6)

Integrating SentinelOne

Last updated on 2024-09-26 13:08:29

To integrate SentinelOne, do the following procedures:

To configure Syslog forwarding from SentinelOne EPP
To find your SentinelOne Site token
To set up Barracuda XDR Dashboard

To configure Syslog forwarding from SentinelOne EPP

In address bar of a browser, enter the SentinelOne Management Console URL provided by the SentinelOne support team (For example, https://<DomainName>.sentinelone.net/dashboard, where <DomainName> is the domain name of your SentinelOne account).
Log in to the SentinelOne Management Console as an Administrator.
If you are a Site or Account Admin, you must select a Site to open Settings.
This configuration is done by site. You can only integrate one site per XDR Dashboard.
Click Settings.
Click Notifications.
In the Syslog column, ensure all Syslog settings are selected. (See the sample screenshot below.)
In the SentinelOne Management Console, click Settings > Integrations > Syslog. Ensure Formatting is set to CEF2.
In Your syslog host, enter the following:
- US: sentinel-us-ingest.skout-build.com
- EU: sentinel-eu-ingest.skout-build.com
In the textbox, after the ":", type 6514.
Check the Use TLS Secure Connection box.
Click Test.
Click Save.
Notify Barracuda XDR that you have configured Syslog forwarding.

To find your SentinelOne site ID

In a web browser, navigate to https://<DomainName>.sentinelone.net/dashboard, where <DomainName> is the domain name of your SentinelOne account.
In the left navigation bar, click Sentinels.
Click the name of the site.
Scroll to the right and click Site Info.
Copy the site ID to use in the To set up Barracuda XDR Dashboard procedure, below.

To set up Barracuda XDR Dashboard

In Barracuda XDR Dashboard, click Administration > Integrations
On the SentinelOne card, click Setup.
Select Enabled.
In the Site Id field, paste the Site ID you copied in the previous procedure.
Click Save.