github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Update CrowdStrike and SentinelOne connectors (#219887)

Browse source
This commit is contained in:
Lisa Cawley 2025-05-08 11:34:40 -07:00 committed by GitHub
parent 154ed1ef6f
commit f3115c6746
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 133 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

19
docs/reference/connectors-kibana/crowdstrike-action-type.md
View file

@ -11,10 +11,6 @@ applies_to:
# CrowdStrike connector [crowdstrike-action-type]
::::{warning}
This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
::::
The CrowdStrike connector communicates with CrowdStrike Management Console via REST API.
To use this connector, you must have authority to run {{endpoint-sec}} connectors, which is an **{{connectors-feature}}** sub-feature privilege. Refer to [{{kib}} privileges](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md).
@ -41,6 +37,17 @@ CrowdStrike client ID
Client secret
: The CrowdStrike API client secret to authenticate the client ID.
## Test connectors [crowdstrike-action-parameters]
## Test connectors [crowdstrike-action-configuration]
You can test connectors as youre creating or editing the connector in {{kib}}. For example:
:::{image} ../images/crowdstrike-connector-test.png
:screenshot:
:alt: CrowdStrike connector test
:::
The CrowdStrike action has the following configuration properties:
Agent IDs
: Get details about one or more CrowdStrike agent IDs.
At this time, you cannot test the CrowdStrike connector.

13
docs/reference/connectors-kibana/sentinelone-action-type.md
View file

@ -11,10 +11,6 @@ applies_to:
# SentinelOne connector [sentinelone-action-type]
::::{warning}
This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
::::
The SentinelOne connector communicates with SentinelOne Management Console via REST API.
To use this connector, you must have authority to run {{endpoint-sec}} connectors, which is an **{{connectors-feature}}** sub-feature privilege. Refer to [{{kib}} privileges](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md).
@ -40,4 +36,11 @@ URL
## Test connectors [sentinelone-action-parameters]
At this time, you cannot test the SentinelOne connector.
You can test connectors as you're creating or editing the connector in {{kib}}.
For example:
:::{image} ../images/sentinelone-connector-test.png
:alt: SentinelOne connector test
:screenshot:
:::

BIN
docs/reference/images/crowdstrike-connector-test.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
docs/reference/images/crowdstrike-connector.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 174 KiB

After

Width:  |  Height:  |  Size: 130 KiB

Before After
Before After

BIN
docs/reference/images/sentinelone-connector-test.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 76 KiB

BIN
docs/reference/images/sentinelone-connector.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 142 KiB

After

Width:  |  Height:  |  Size: 115 KiB

Before After
Before After