Actions682
- Marketplace Actions
- Web Api Singularity Marketplace Applications Delete
- Web Api Singularity Marketplace Applications Catalog Get
- Web Api Singularity Marketplace Applications Catalog Application Catalog Id Config Get
- Web Api Singularity Marketplace Applications Application Mode Post
- Web Api Singularity Marketplace Applications Application Id Config Get
- Web Api Singularity Marketplace Applications Id Log Get
- Web Api Singularity Marketplace Applications Put
- Web Api Singularity Marketplace Applications Get
- Web Api Singularity Marketplace Applications Post
- Application Actions
- Web Api Singularity Marketplace Applications Get
- Web Api Singularity Marketplace Applications Put
- Web Api Singularity Marketplace Applications Post
- Web Api Singularity Marketplace Applications Delete
- Web Api Singularity Marketplace Applications Application Id Config Get
- Web Api Singularity Marketplace Applications Application Mode Post
- Web Api Singularity Marketplace Applications Id Log Get
- Applications Catalog Actions
- Overview Actions
- Threats Actions
- Web Api Export Threats Threat Id Explore Events Get
- Web Api Threats Get
- Web Api Threats Mitigate Action Post
- Web Api Threats Add To Blacklist Post
- Web Api Threats Threat Id Explore Events Get
- Web Api Threats Fetch File Post
- Web Api Threats Engines Disable Post
- Web Api Threats Threat Id Whitening Options Get
- Web Api Threats Add To Exclusions Post
- Web Api Threats Export Get
- Web Api Threats Dv Add To Blacklist Post
- Web Api Threats Dv Mark As Threat Post
- Web Api Export Threats Threat Id Timeline Get
- Unprotected Endpoints Discovery Actions
- Users Actions
- Web Api Users Get
- Web Api Export Users Get
- Web Api Users Delete Users Post
- Web Api Users User Id Get
- Web Api Users User Id Put
- Web Api Users User Id Delete
- Web Api Users Generate Iframe Token Post
- Web Api Users 2 Fa Enable Post
- Web Api Users 2 Fa Disable Post
- Web Api Users Generate Api Token Post
- Web Api Users Enable App Post
- Web Api Users Revoke Api Token Post
- Web Api Users User Id Api Token Details Get
- Web Api Users Api Token Details Post
- Web Api Users Request App Post
- Web Api Users Change Password Post
- Web Api Users Auth Elevate Post
- Web Api Users Onboarding Verify Post
- Web Api Users Onboarding Validate Token Get
- Web Api Users Onboarding Send Verification Email Post
- Web Api Users Reset 2 Fa Post
- Web Api Users Delete 2 Fa Post
- Web Api Users Enroll 2 Fa Post
- Web Api Users Login By Api Token Post
- Web Api Users Login Sso Saml 2 Get
- Web Api Users Login Sso Saml 2 Scope Id Post
- Web Api Users Login Post
- Web Api Users Login By Token Get
- Web Api Users Login Continue Post
- Web Api Users Login Set Password Post
- Web Api Users Login Send Reset Password Email Post
- Web Api Users Login Force Reset Password On Login Post
- Web Api Users Auth App Post
- XDR Datalake Inventory Unified Actions Actions
- Settings Actions
- Web Api Settings Active Directory Scope Mapping Put
- Web Api Settings Active Directory Scope Mapping Get
- Web Api Settings Active Directory Test Post
- Web Api Settings Microsoft Get
- Web Api Settings Microsoft Put
- Web Api Settings Microsoft Test Post
- Web Api Settings Sso Get
- Web Api Settings Sso Put
- Web Api Settings Sso Sp Cert Get
- Web Api Settings Sso Sp Cert Download Get
- Web Api Settings Notifications Cancel Pending Emails Post
- Web Api Settings Sso Test Post
- Web Api Settings Notifications Get
- Web Api Settings Notifications Put
- Web Api Settings Smtp Get
- Web Api Settings Smtp Put
- Web Api Settings Smtp Test Post
- Web Api Settings Syslog Get
- Web Api Settings Sms Put
- Web Api Settings Syslog Put
- Web Api Settings Syslog Test Post
- Web Api Settings Sms Get
- Web Api Settings Recipients Get
- Web Api Settings Recipients Recipient Id Delete
- Web Api Settings Recipients Put
- Web Api Settings Active Directory Get
- Web Api Settings Active Directory Put
- Alerts Actions
- Licenses Actions
- Sites Actions
- Web Api Sites Get
- Web Api Sites Site Id Put
- Web Api Sites Post
- Web Api Export Sites Get
- Web Api Sites Site Id Get
- Web Api Sites Site Id Delete
- Web Api Sites Site Id Revert Policy Put
- Web Api Sites Site Id Token Get
- Web Api Sites Duplicate Site Post
- Web Api Site With Admin Post
- Web Api Sites Site Id Regenerate Key Put
- Web Api Sites Site Id Reactivate Put
- Web Api Sites Site Id Local Authorization Put
- Web Api Sites Site Id Expire Now Post
- Web Api Sites Update Bulk Put
- Web Api Sites Site Id Local Authorization Get
- Web Api Sites Site Id Local Upgrade Approved Agents Csv Get
- System Actions
- Tag Manager Actions
- Tags Actions
- Tasks Actions
- Threat Intelligence Actions
- Threat Notes Actions
- Remote Ops Forensics Actions
- Web Api Remote Ops Forensics Collection File Url Get
- Web Api Remote Ops Forensics Start Collection Post
- Web Api Remote Ops Forensics Task Result Get
- Web Api Remote Ops Forensics Is Collection File Get
- Web Api Remote Ops Forensics Collection Profiles Profile Id Get
- Web Api Remote Ops Forensics Collection Profiles Profile Id Put
- Web Api Remote Ops Forensics Collection Profiles Get
- Web Api Remote Ops Forensics Collection Profiles Post
- Web Api Remote Ops Forensics Collection Profiles Delete
- Remote Ops Scripts Actions
- Web Api Remote Scripts Status Get
- Web Api Remote Scripts Execute Post
- Web Api Remote Scripts Script Content Get
- Web Api Remote Scripts Fetch Files Post
- Web Api Remote Scripts Get
- Web Api Remote Scripts Post
- Web Api Remote Scripts Delete
- Web Api Remote Scripts Script Id Put
- Web Api Remote Scripts Pending Executions Pending Execution Id Put
- Web Api Remote Scripts Edit Script Id Put
- Web Api Remote Scripts Pending Executions Get
- Web Api Remote Scripts Guardrails Configuration Get
- Web Api Remote Scripts Guardrails Configuration Post
- Web Api Remote Scripts Guardrails Configuration Delete
- Web Api Remote Scripts Guardrails Check Post
- Reports Actions
- Sentinel Deploy Actions
- Service Users Actions
- Mobile Integration Actions
- Web Api Mobile Integration Provisioning Tenant Post
- Web Api Mobile Integration Provisioning Can Provision Tenant Get
- Web Api Mobile Integration Activation Anonymous Post
- Web Api Mobile Integration Activation Anonymous Get
- Web Api Mobile Integration Activation User Activation Post
- Web Api Mobile Integration Activation User Activation Get
- Web Api Mobile Integration Activation User Activation Resend Activations Put
- Web Api Mobile Integration Activation User Activation Cancel Activations Put
- Web Api Mobile Integration Activation User Activation Validate Import Post
- Web Api Mobile Integration Activation User Activation Import Post
- Web Api Mobile Integration Devices Device Id Get
- Web Api Mobile Integration Devices Get
- Web Api Mobile Integration Incidents Get
- Web Api Mobile Integration Incidents Analyst Verdict Post
- Web Api Mobile Integration Incidents Incident Status Post
- Web Api Mobile Integration Incidents Mitigate Mitigation Action Post
- Web Api Mobile Integration Incidents Incident Id Notes Post
- Web Api Mobile Integration Incidents Incident Id Notes Note Id Put
- Web Api Mobile Integration Management Test Connection Post
- Web Api Mobile Integration Incidents Incident Id Notes Note Id Delete
- Web Api Mobile Integration Management Create Interim Connection Post
- Web Api Mobile Integration Management Create Connection Post
- Web Api Mobile Integration Management Connections Connection Id Put
- Web Api Mobile Integration Management Connections Connection Id Delete
- Web Api Mobile Integration Management Can Create Connection Get
- Web Api Mobile Integration Management Connections Get
- Web Api Mobile Integration Management Connections Conn Id Managed Groups Get
- Web Api Mobile Integration Management Connections Connection Id Sync Devices Post
- Web Api Mobile Integration Policy Post
- Web Api Mobile Integration Tenant Policy Put
- Web Api Mobile Integration Management Connections Conn Id Response Groups Get
- Web Api Mobile Integration Management App Config Get
- Web Api Mobile Integration Management Connections Conn Id Device Groups Get
- Web Api Mobile Integration Management Connections Connection Id Groups Put
- Web Api Mobile Integration Accounts Account Id Policy Get
- Web Api Mobile Integration Accounts Account Id Policy Put
- Web Api Mobile Integration Accounts Account Id Policy Delete
- Web Api Mobile Integration Sites Site Id Policy Get
- Web Api Mobile Integration Sites Site Id Policy Delete
- Web Api Mobile Integration Sites Site Id Policy Put
- Web Api Mobile Integration Groups Group Id Policy Get
- Web Api Mobile Integration Groups Group Id Policy Put
- Web Api Mobile Integration Groups Group Id Policy Delete
- Web Api Mobile Integration Provisioning Partner Key Get
- Web Api Mobile Integration Provisioning Partner Key Put
- Web Api Mobile Integration Provisioning Partner Key Post
- Web Api Mobile Integration Provisioning Tenant Get
- Web Api Mobile Integration Provisioning Partner Key Client Id Delete
- Network Discovery Actions
- Network Discovery Self Enablement Actions
- Network Quarantine Control Actions
- Web Api Firewall Control Firewall Rule Category Get
- Web Api Firewall Control Firewall Rule Category Post
- Web Api Firewall Control Firewall Rule Category Delete
- Web Api Firewall Control Firewall Rule Category Copy Rules Post
- Web Api Firewall Control Firewall Rule Category Move Rules Post
- Web Api Firewall Control Firewall Rule Category Reorder Put
- Web Api Firewall Control Firewall Rule Category Set Location Post
- Web Api Firewall Control Firewall Rule Category Configuration Get
- Web Api Firewall Control Firewall Rule Category Configuration Put
- Web Api Firewall Control Firewall Rule Category Export Get
- Web Api Firewall Control Firewall Rule Category Import Post
- Web Api Firewall Control Firewall Rule Category Enable Put
- Web Api Firewall Control Firewall Rule Category Protocols Get
- Web Api Firewall Control Firewall Rule Category Remove Tags Post
- Web Api Firewall Control Firewall Rule Category Add Tags Post
- Platform Detection Rules Actions
- Policies Actions
- RBAC Actions
- Remote Ops MMS Actions
- Web Api Remote Ops Data Exporter Destination Profiles Get
- Web Api Remote Ops Data Exporter Destination Profiles Post
- Web Api Remote Ops Data Exporter Destination Profiles Profile Id Put
- Web Api Remote Ops Data Exporter Destination Profiles Delete
- Web Api Remote Ops Data Exporter Destination Profiles Profile Id Get
- Web Api Remote Ops Data Exporter Destination Profiles Set Default Post
- Web Api Remote Ops Data Exporter Destination Profiles Profile Id Delete
- Web Api Remote Ops Data Exporter Results Get
- Web Api Remote Ops Schedule Remote Script Post
- Web Api Remote Ops Schedule Forensics Post
- Web Api Remote Ops Scheduled Tasks Get
- Web Api Remote Ops Scheduled Tasks Delete
- Web Api Remote Ops Scheduled Tasks Scheduled Task Id Put
- Log Collection Actions
- Web Api Log Collection Rules Agent Type Get
- Web Api Log Collection Agent Type Count Get
- Web Api Log Collection Rules Rule Id Put
- Web Api Log Collection Rules Activation Post
- Web Api Log Collection Rules Export Get
- Web Api Log Collection Rules Export Agent Type Get
- Web Api Log Collection Rules Get
- Web Api Log Collection Rules Post
- Web Api Log Collection Rules Delete
- Firewall Control Actions
- Web Api Firewall Control Protocols Get
- Web Api Firewall Control Export Get
- Web Api Firewall Control Import Post
- Web Api Firewall Control Enable Put
- Web Api Firewall Control Add Tags Post
- Web Api Firewall Control Remove Tags Post
- Web Api Firewall Control Tag Rules Tag Id Get
- Web Api Firewall Control Firewall Rule Category Put
- Web Api Firewall Control Get
- Web Api Firewall Control Post
- Web Api Firewall Control Delete
- Web Api Firewall Control Copy Rules Post
- Web Api Firewall Control Reorder Put
- Web Api Firewall Control Move Rules Post
- Web Api Firewall Control Set Location Post
- Web Api Firewall Control Configuration Get
- Web Api Firewall Control Configuration Put
- Forensics Actions
- Gateways Actions
- Graph Actions
- Graph Query Builder Actions
- Web Api Xdr Graph Explorer Query Builder Metadata Get
- Web Api Xdr Graph Explorer Query Builder Metadata Available Options V 2 Get
- Web Api Xdr Graph Explorer Query Builder Autocomplete V 2 Get
- Web Api Xdr Graph Explorer Query Builder Autocomplete Get
- Web Api Xdr Graph Explorer Query Builder Tag Autocomplete Post
- Web Api Xdr Private Graph Services Features Get
- Web Api Xdr Graph Explorer Query Builder Metadata Available Relations Get
- Hashes Actions
- Graph Query Management Actions
- Web Api Xdr Graph Explorer Query Management Recent Queries Get
- Web Api Xdr Graph Explorer Query Management Query Get
- Web Api Xdr Graph Explorer Query Management Query Post
- Web Api Xdr Graph Explorer Query Management Query Query Id Put
- Web Api Xdr Graph Explorer Query Management Query Type Counts Get
- Web Api Xdr Graph Explorer Query Management Query Query Id Delete
- Groups Actions
- Web Api Groups Get
- Web Api Groups Post
- Web Api Groups Group Id Regenerate Key Put
- Web Api Groups Group Id Get
- Web Api Groups Group Id Put
- Web Api Groups Group Id Delete
- Web Api Groups Ranks Put
- Web Api Groups Group Id Revert Policy Put
- Web Api Groups Group Id Move Agents Put
- Web Api Groups Group Id Token Get
- Inventory Notes Actions
- Inventory Tags Actions
- Live Updates Actions
- Locations Actions
- Device Control Actions
- Web Api Device Control Rule Id Put
- Web Api Device Control Post
- Web Api Device Control Move Rules Post
- Web Api Device Control Delete
- Web Api Device Control Copy Rules Post
- Web Api Device Control Reorder Put
- Web Api Device Control Configuration Get
- Web Api Device Control Configuration Put
- Web Api Device Control Export Get
- Web Api Device Control Events Get
- Web Api Device Control Enable Put
- Web Api Device Control Get
- Exclusions And Blocklist Actions
- Web Api Exclusions Import Post
- Web Api Restrictions Import Post
- Web Api Exclusions Report Report Id Get
- Web Api Restrictions Report Report Id Get
- Web Api Exclusions Get
- Web Api Exclusions Put
- Web Api Exclusions Post
- Web Api Exclusions Delete
- Web Api Restrictions Post
- Web Api Restrictions Get
- Web Api Exclusions Validate Post
- Web Api Restrictions Put
- Web Api Restrictions Delete
- Web Api Restrictions Validate Post
- Web Api Export Exclusions Get
- Web Api Export Restrictions Get
- Exclusions V 2 1 Actions
- Filters Actions
- Web Api Filters Post
- Web Api Filters Get
- Web Api Filters Filter Id Put
- Web Api Filters Filter Id Delete
- Web Api Filters Dv Get
- Web Api Filters Dv Post
- Web Api Xdr Filters Get
- Web Api Filters Dv Filter Id Put
- Web Api Filters Dv Filter Id Delete
- Web Api Filters Csv Filter Post
- Web Api Xdr Filters Post
- Web Api Xdr Filters Filter Id Put
- Web Api Xdr Private Filters Enriched Get
- Web Api Xdr Filters Filter Id Delete
- Datalake Inventory Server Actions
- Datalake Inventory Network Discovery Actions
- Web Api Xdr Assets Surface Network Discovery Filters Count Get
- Web Api Xdr Assets Surface Network Discovery Filters Autocomplete Get
- Web Api Xdr Assets Surface Network Discovery Get
- Web Api Xdr Assets Surface Network Discovery Export Get
- Web Api Xdr Assets Surface Network Discovery Available Actions With Status Post
- Web Api Xdr Assets Surface Network Discovery Action Post
- Datalake Inventory Network Filters Actions
- Datalake Inventory Server Filters Actions
- Datalake Inventory Storage Actions
- Datalake Inventory Container Actions
- Datalake Inventory Storage Filters Actions
- Datalake Inventory Workstation Actions
- Datalake Inventory Workstations Actions
- Web Api Xdr Assets Workstation Filters Count Get
- Web Api Xdr Assets Workstation Filters Autocomplete Get
- Web Api Xdr Assets Surface Endpoint Filters Count Get
- Web Api Xdr Assets Surface Endpoint Filters Autocomplete Get
- Web Api Xdr Assets Surface Cloud Filters Count Get
- Web Api Xdr Assets Surface Cloud Filters Autocomplete Get
- Cloud Funnel Actions
- Web Api Cloud Funnel Onboarding Get
- Web Api Cloud Funnel Validate Bucket Permissions Post
- Web Api Cloud Funnel Onboarding Post
- Web Api Cloud Funnel Onboarding Delete
- Web Api Cloud Funnel Validate Query Post
- Web Api Cloud Funnel Estimator Get
- Web Api Cloud Funnel Estimator Post
- Web Api Cloud Funnel Assume Role External Id Get
- Datalake Inventory Developer Tool Filters Actions
- Deep Visibility Actions
- Agents Actions
- Web Api Agents Agent Id Uploads Activity Id Get
- Web Api Agents Applications Get
- Web Api Agents Processes Get
- Web Api Export Agents Get
- Web Api Agents Agent Id Local Upgrade Authorization Get
- Web Api Agents Enable Hyper Automation Pna Post
- Web Api Agents Disable Hyper Automation Pna Post
- Web Api Export Agents Light Get
- Web Api Agents Count Get
- Web Api Agents Get
- Web Api Agents Passphrases Get
- Web Api Agents Tags Get
- Web Api Agents Tags Filters Count Get
- Datalake Surface Identity Actions
- Datalake Unified Actions Actions
- Datalake Inventory Data Analysis Actions
- Datalake Inventory Developer Tool Actions
- Datalake Inventory Device Actions
- Datalake Inventory Device Filters Actions
- Datalake Inventory Endpoint Actions
- Datalake Inventory Filters Actions
- Datalake Inventory Function Actions
- Datalake Inventory Function Filters Actions
- Datalake Inventory Governance Actions
- Custom Detection Rule Actions
- Datalake Inventory Governance Filters Actions
- Datalake Inventory Identity Actions
- Datalake Inventory Identity Filters Actions
- Datalake Inventory Network Actions
- Datalake Inventory Actions
- Web Api Xdr Assets Action Post
- Web Api Xdr Assets Categories Get
- Web Api Xdr Assets Cloud Tags Export Get
- Web Api Xdr Assets Sub Categories Get
- Web Api Xdr Assets Asset Counts Get
- Web Api Xdr Assets Get
- Web Api Xdr Assets Post
- Web Api Xdr Assets Export Get
- Web Api Xdr Assets Available Actions With Status Post
- Cloud Resources Actions
- Config Overrides Actions
- Datalake Inventory AI ML Actions
- Datalake Inventory AI ML Filters Actions
- Datalake Inventory Account Actions
- Datalake Inventory Cloud Actions
- Datalake Inventory Account Filters Actions
- Datalake Inventory Analysis Filters Actions
- Datalake Inventory Application Integration Filters Actions
- Datalake Inventory Cloud Application Filters Actions
- Datalake Inventory Container Filters Actions
- Agent Support Actions Actions
- Agents Repository Beta Actions
- Application Management Actions
- Web Api Application Management Risks Export Csv Get
- Web Api Application Management Risks Get
- Web Api Application Management Scan Post
- Web Api Application Management Inventory Get
- Web Api Application Management Inventory Export Csv Get
- Web Api Application Management Inventory Endpoints Get
- Web Api Application Management Inventory Endpoints Export Csv Get
- Web Api Application Management Risks Aggregated Applications Get
- Web Api Application Management Risks Cves Get
- Web Api Application Management Risks Cves Export Csv Get
- Web Api Application Management Risks Aggregated Applications Export Csv Get
- Web Api Application Management Risks Applications Get
- Web Api Application Management Risks Applications Export Csv Get
- Web Api Application Management Risks Endpoints Get
- Web Api Application Management Risks Endpoints Export Csv Get
- Web Api Application Management Inventory Applications Get
- Accounts Actions
- Web Api Accounts Account Id Put
- Web Api Accounts Get
- Web Api Accounts Post
- Web Api Accounts Account Id Get
- Web Api Accounts Account Id Revert Policy Put
- Web Api Accounts Account Id Reactivate Put
- Web Api Accounts Account Id Expire Now Post
- Web Api Accounts Account Id Uninstall Password Metadata Get
- Web Api Accounts Account Id Uninstall Password Revoke Post
- Web Api Accounts Account Id Uninstall Password View Get
- Web Api Accounts Account Id Uninstall Password Generate Post
- Web Api Export Accounts Get
- Application Management Settings Actions
- Application Risk Deprecated Actions
- Application Risk Actions
- Auto Upgrade Policy Actions
- Web Api Upgrade Policy All Policies Count Get
- Web Api Upgrade Policy Available Packages Get
- Web Api Upgrade Policy Has Policy Post
- Web Api Upgrade Policy Parent Policies Get
- Web Api Upgrade Policy Policies Count Get
- Web Api Upgrade Policy Policies Get
- Web Api Upgrade Policy Policies Post
- Web Api Upgrade Policy Policy Post
- Web Api Upgrade Policy Policy Policyid Put
- Web Api Upgrade Policy Policy Policyid Post
- Web Api Upgrade Policy Policy Policyid Reset Retry Counter Put
- Web Api Upgrade Policy Reorder Put
- Web Api Upgrade Policy Set Inheriting Put
- Cloud Provider Account Actions
- Activities Actions
- Agent Actions Actions
- Web Api Agents Actions Broadcast Post
- Web Api Agents Actions Connect Post
- Web Api Agents Actions Fetch Logs Post
- Web Api Agents Actions Disconnect Post
- Web Api Agents Actions Initiate Scan Post
- Web Api Agents Actions Uninstall Post
- Web Api Agents Actions Abort Scan Post
- Web Api Agents Actions Decommission Post
- Web Api Agents Actions Restart Machine Post
- Web Api Agents Actions Shutdown Post
- Web Api Agents Actions Approve Uninstall Post
- Web Api Agents Actions Reject Uninstall Post
- Web Api Agents Actions Set Config Post
- Web Api Agents Actions Update Software Post
- Web Api Agents Actions Reset Local Config Post
- Web Api Agents Actions Set External Id Post
- Web Api Agents Agent Id Actions Fetch Files Post
- Web Api Agents Actions Move To Site Post
- Web Api Agents Actions Fetch Firewall Rules Post
- Web Api Agents Actions Move To Console Post
- Web Api Agents Actions Fetch Installed Apps Post
- Web Api Agents Actions Terminate Remote Shell Post
- Web Api Agents Actions Start Remote Shell Post
- Web Api Agents Actions Can Start Remote Shell Post
- Web Api Agents Actions Firewall Logging Post
- Web Api Agents Actions Randomize Uuid Post
- Web Api Agents Actions Mark Up To Date Post
- Web Api Agents Actions Ranger Enable Post
- Web Api Agents Actions Ranger Disable Post
- Web Api Agents Actions Local Upgrade Authorization Post
- Web Api Agents Actions Start Profiling Post
- Web Api Agents Actions Disable Agent Post
- Web Api Agents Actions Enable Agent Post
- Web Api Agents Actions Stop Profiling Post
- Web Api Agents Actions Approve Stateless Upgrade Post
- Web Api Agents Actions Manage Tags Post
Overview
This node operation retrieves activity records from the AvantGuard SentinelOne system via its Web API. It allows users to fetch detailed activity logs filtered by various criteria such as activity types, user IDs, timestamps, and related entities like alerts or threats. This is useful for security analysts or system administrators who want to monitor, audit, or investigate activities within their SentinelOne environment. For example, one could fetch all activities related to a specific threat or within a certain time range to analyze security events.
Properties
| Name | Meaning |
|---|---|
| Additional Query Parameters | Optional filters and parameters to customize the activity retrieval query, such as filtering by activity types, user IDs, timestamps, sorting options, and pagination controls. |
Output
JSON
activities- Array of activity objects returned by the API matching the query parameters.totalCount- Total number of activities matching the query, if count is requested or available.cursor- Cursor token for fetching the next page of results if pagination is used.
Dependencies
- Requires an API key credential for AvantGuard SentinelOne API access.
- Depends on the '@avantguardllc/n8n-openapi-node' package for OpenAPI integration.
Troubleshooting
- If the node returns authentication errors, verify that the API key credential is correctly configured and has sufficient permissions.
- If no activities are returned, check the filter parameters for correctness and ensure that matching activities exist in the SentinelOne system.
- Pagination parameters like 'cursor' and 'skip' must be used carefully to avoid missing or duplicating data when iterating over large datasets.
- Using 'countOnly' with other filters can help quickly check the number of matching activities without fetching full data.
- Ensure date/time filters use the correct ISO 8601 format to avoid query errors.