Table of Contents
Sentinel One
Login Items
Background Items
Bundle Identifier:
com.sentinelone.
Notifications
Bundle ID:
com.sentinelOne.SentinelAgent
All settings should be checked.
Security and Privacy
Privacy
Application Bundle Identifier:
com.sentinelone.sentineld
App Code Requirement:
anchor apple generic and identifier "com.sentinelone.sentineld" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
Application Bundle Identifier:
com.sentinelone.sentineld-helper
App Code Requirement:
anchor apple generic and identifier "com.sentinelone.sentineld-helper" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
Application Bundle Identifier:
com.sentinelone.sentineld-shell
App Code Requirement:
anchor apple generic and identifier "com.sentinelone.sentineld-shell" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
Application Bundle Identifier: com.sentinelone.SentinelAgent
App Code Requirement:
anchor apple generic and identifier "com.sentinelone.SentinelAgent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
Application Bundle Identifier: com.sentinelone.extensions-wrapper
App Code Requirement:
anchor apple generic and identifier "com.sentinelone.extensions-wrapper" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
System Extensions
Removable Network Monitoring Extension
Team ID: 4AYE5J54KN
Bundle Identifier: com.sentinelone.network-monitoring
Allow Removable System Extensions: True
Allow User Override: True
Network Monitoring Extension
Team ID: 4AYE5J54KN
Web Filter
Deployment of this profile causes a brief connection loss.
Filter Grade: Firewall
Type: Plug-in
Filter Name: SentinelOne
Identifier: com.sentinelone.extensions-wrapper
Filter Socket Traffic: True
Socket Provider Designated Requirement:
identifier "com.sentinelone.network-monitoring" and anchor apple generic and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")
Socket Provider Bundle Identifier: com.sentinelone.network-monitoring
Custom Commands
Status
Show the command response as attribute on Device Info: True
#!/bin/sh # This script will check the status of the SentinelOne Agent if command -v sentinelctl 1>/dev/null; then echo "SentinelOne agent is installed with version `sentinelctl version | awk '{print $2}'` and was connected to management console `sentinelctl config Server Address | tail -1 | awk '{print $2}'`" else s1_agent=$(ps aux | grep -Ei "sentineld$" | awk '{ print $11 };' | grep -v grep) if [ -z $s1_agent ]; then echo "SentinelOne Agent is not Installed."; else s1_agent=$(echo $s1_agent | sed 's|sentineld|sentinelctl|g') echo "SentinelOne Agent is running but could not locate SentinelCtl in the default PATH /usr/local/bin. The full path is - $s1_agent." ; fi fi
Install PKG
App Bundle: com.sentinelone.SentinelAgent
Pre-Install Script
token="" echo "$token" | sudo tee %DownloadPath%/com.sentinelone.registration-token