List Alerts
Retrieve a list of alerts from SentinelOne within a specified time range. The API allows you to filter alerts based on their creation time and set a limit on the number of results.
For more information on the SentinelOne API, see SentinelOne API Documentation (opens in a new tab).
SDK Import:
from admyral.actions import list_sentinel_one_alertsArguments:
| Argument Name | Description | Required |
|---|---|---|
Start Time start_time | The start time for the alerts to list. Must be in ISO 8601 format (YYYY-MM-DDTHH:MM:SSZ). | - |
End Time end_time | The end time for the alerts to list. Must be in ISO 8601 format (YYYY-MM-DDTHH:MM:SSZ). | - |
Limit limit | The maximum number of alerts to retrieve. Default: 1000 | Yes |
Returns
A JSON array of alerts.
Required Secrets
| Secret Placeholder | Description |
|---|---|
SENTINEL_ONE_SECRET | SentinelOne secret. See SentinelOne setup |
SDK Example
cases = list_sentinel_one_alerts(
secrets={
"SENTINEL_ONE_SECRET": "my_stored_sentinel_one_secret"
}
)