Skip to main content
All CollectionsTemplatesIntermediate
Create Exclusions on Multiple SentinelOne Sites - Workflow Template
Create Exclusions on Multiple SentinelOne Sites - Workflow Template

Creates Exclusions for a list of path, browser or filetype Items. Exclusions can be created in one site or in multiple sites.

Updated over 7 months ago

This Torq workflow template allows organizations to automate the creation of exclusions on multiple SentinelOne sites effectively. Designed for Endpoint Detection and Response (EDR) purposes, it ensures the selected paths, browsers, or file types are excluded from detection processes across specified active sites. It precludes duplication by verifying exclusions don't pre-exist, streamlining the management of exclusion rules and enhancing security infrastructure efficiency.

Optional Triggers

"This workflow is intended to be used as a nested function."

Use Cases

Endpoint Detection and Response (EDR) ,Function

Workflow Breakdown

  1. Verifies each Site ID to be from valid and active Site.

  2. Verifies the Exclusion does not already exists.

  3. Creates an exclusion with the selected type.

Vendors

Utils, SentinelOne

Workflow Output

New Exceptions are created on Sentinel One Management

Did this answer your question?