SentinelOne Management Server Url Validation

docs/ninjaone/automations/sentinelone-management-console-validation.md

@@ -0,0 +1,51 @@
+---
+id: '4d9087cb-0cf3-4ade-863f-3a14c9b73d5e'
+slug: /4d9087cb-0cf3-4ade-863f-3a14c9b73d5e
+title: 'SentinelOne Management Console Validation'
+title_meta: 'SentinelOne Management Console Validation'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'The script validates whether the SentinelOne Management Server detected on the computer is different from what is set for the Client in NinjaRMM.'
+tags: ['antivirus', 'auditing']
+draft: false
+unlisted: false
+---
+
+## Overview
+
+The script validates whether the SentinelOne Management Server detected on the computer is different from what is set for the Client in NinjaRMM.
+
+## Sample Run
+
+- **Run As:** `System`  
+- **Preset Parameter:** `<Leave it blank>`  
+- **S1 Key Custom Field Name:** `<If you're using the 'cPVAL SentinelOne Key' custom field to store the SentinelOne installer key or token, leave this field blank. Otherwise, enter the name of the client-level custom field where the SentinelOne installation key is stored.>`  
+![Image1](../../../static/img/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e/image1.webp)
+
+## Dependencies
+
+- [cPVAL SentinelOne Key](/docs/44561301-d22b-4013-86af-d1842773d2ca)
+- [cPVAL SentinelOne Mgmt Server Discrepancy](/docs/1de41dd5-c222-45cb-9b74-5ae45bb86dd8)
+- [cPVAL SentinelOne Mgmt Server Url](/docs/0691fe63-dd6b-4f15-8b39-dce377d9064a)
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+## Parameters
+
+| Name | Example | Accepted Values | Required | Default | Type | Description |
+| ---- | ------- | --------------- | -------- | ------- | ---- | ----------- |
+| S1 Key Custom Field Name | sentineloneKey | | false | | String/Text | If you're using the 'cPVAL SentinelOne Key' custom field to store the SentinelOne installer key or token, leave this field blank. Otherwise, enter the name of the client-level custom field where the SentinelOne installation key is stored. |
+
+## Custom Fields
+
+| Name | Example | Required | Description |
+| ---- | ------- | -------- | ----------- |
+| [cPVAL SentinelOne Key](/docs/44561301-d22b-4013-86af-d1842773d2ca) | eyJ1cmwiOiAidXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsdXJsIiwgInNpdGVfa2V5IjogIjExMTExMTExMTExMTExMTEifQ== | true | If you're already using a custom field to store the SentinelOne installation token or key, there's no need to create a new one. Instead, simply reference the existing custom field by specifying its name in the runtime variable `S1 Key Custom Field Name`. |
+| [cPVAL SentinelOne Mgmt Server Discrepancy](/docs/1de41dd5-c222-45cb-9b74-5ae45bb86dd8) | Yes | false |  If the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or if there is any discrepancy between the two. Updated by the script. |
+| [cPVAL SentinelOne Mgmt Server Url](/docs/0691fe63-dd6b-4f15-8b39-dce377d9064a) | `https://usea1.sentinelone.net` | false | SentinelOne Management Server Url fetched from the Endpoint. Updated by the script. |
+
+## Automation Setup/Import
+
+[Automation Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/scripts/sentinelone-management-console-validation.ps1)
+
+## Output
+
+- Activity Details  
+- Custom Field

docs/ninjaone/conditions/sentinelone-management-console-validation.md

@@ -0,0 +1,29 @@
+---
+id: 'a947cc93-68a2-4ddc-a6dc-ae2cf4422c66'
+slug: /a947cc93-68a2-4ddc-a6dc-ae2cf4422c66
+title: 'SentinelOne Management Console Validation'
+title_meta: 'SentinelOne Management Console Validation'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'This ticket template configures how a ConnectWise Manage ticket will be generated in response to the SentinelOne Management Console Validation condition.'
+tags: ['antivirus', 'auditing', 'ticketing']
+draft: false
+unlisted: false
+---
+
+## Summary
+
+The condition runs the [SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e) automation once per day and generates a ticket with the script’s results if the SentinelOne Management Server detected on the computer is different from what is set for the Client in NinjaRMM.
+
+## Details
+
+- **Name:**  `SentinelOne Management Console Validation`  
+- **Description:**  `The condition runs the SentinelOne Management Console Validation automation once per day and generates a ticket with the script’s results if the SentinelOne Management Server detected on the computer is different from what is set for the Client in NinjaRMM.`  
+- **Recommended Agent Policies:**  `Windows Workstation`, `Windows Server`
+
+## Dependencies
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+- [Automation - SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e) 
+
+## Condition Creation
+
+[Condition Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/conditions/sentinelone-management-console-validation.toml)

docs/ninjaone/custom-fields/cpval-sentinelone-key.md

@@ -0,0 +1,43 @@
+---
+id: '44561301-d22b-4013-86af-d1842773d2ca'
+slug: /44561301-d22b-4013-86af-d1842773d2ca
+title: 'cPVAL SentinelOne Key'
+title_meta: 'cPVAL SentinelOne Key'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'SentinelOne Installation token.'
+tags: ['antivirus', 'auditing']
+draft: false
+unlisted: false
+---
+
+## Summary
+
+This custom field at the organization level stores the Sentinel Site Key. The Site Key is used for organizing and managing endpoints based on their physical or logical network location within the organization.
+
+**Note:** 
+- For [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93), there's no need to create this custom field if the partner is already using another custom field to store the SentinelOne installation token or key.  
+- Mandatory for [Automation - SentinelOne Deployment](/docs/4e0f294f-9ecf-42a2-9832-497d4305360e)
+
+## Details
+
+| Label | Field Name | Definition Scope | Type | Required | Default Value | Technician Permission | Automation Permission | API Permission | Description | Tool Tip | Footer Text | Custom Field Tab Name |
+| ----- | ---- | ---------------- | ---- | -------- | ------------- | --------------------- | --------------------- | -------------- | ----------- | -------- | ----------- |----------- |
+| cPVAL SentinelOne Key | cpvalSentineloneKey | Organization | Text | True | | Editable | Read/Write | Read/Write | Stores the Sentinel Site Key. The Site Key is used for organizing and managing endpoints based on their physical or logical network location within the organization. | Stores the Sentinel Site Key. The Site Key is used for organizing and managing endpoints based on their physical or logical network location within the organization.| SentinelOne Installation token. | SentinelOne |
+
+## Dependencies
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+- [Automation - SentinelOne Deployment](/docs/4e0f294f-9ecf-42a2-9832-497d4305360e)
+
+## Custom Field Creation
+
+[Custom Field Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/custom-fields/cpval-sentinelone-key.toml)
+
+## FAQ
+1. Should this custom field be created if client is not using our script [SentinelOne Deployment](/docs/4e0f294f-9ecf-42a2-9832-497d4305360e)?
+No. If they are not using our script for deployment and has a custom field already created with different name, then this custom field is not required to be created.
+
+2. Should I create this custom field if client wants both, our [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93) and [Automation - SentinelOne Deployment](/docs/4e0f294f-9ecf-42a2-9832-497d4305360e)?
+Yes.
+
+3. What if client is using different custom field to store the SentinelOne Key and wants to use our deployment script?
+Create this custom field and migrate their key from the old to new if possible. Both the contents are using this custom field by default. 

docs/ninjaone/custom-fields/cpval-sentinelone-mgmt-server-discrepancy.md

@@ -0,0 +1,30 @@
+---
+id: '1de41dd5-c222-45cb-9b74-5ae45bb86dd8'
+slug: /1de41dd5-c222-45cb-9b74-5ae45bb86dd8
+title: 'cPVAL SentinelOne Mgmt Server Discrepancy'
+title_meta: 'cPVAL SentinelOne Mgmt Server Discrepancy'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'If the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or if there is any discrepancy between the two.'
+tags: ['antivirus', 'auditing']
+draft: false
+unlisted: false
+---
+
+## Summary
+
+This custom field shows if the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or there is any discrepancy between the two.
+
+## Details
+
+| Label | Field Name | Definition Scope | Type | Required | Default Value | Technician Permission | Automation Permission | API Permission | Description | Tool Tip | Footer Text | Custom Field Tab Name Workstations  | Custom Field Tab Name Servers |
+| ----- | ---- | ---------------- | ---- | -------- | ------------- | --------------------- | --------------------- | -------------- | ----------- | -------- | ----------- | ----------- | ----------- |
+| cPVAL SentinelOne Mgmt Server Discrepancy | cpvalSentineloneMgmtServerDiscrepancy | Device | CheckBox | false | | Editable | Read/Write | Read/Write | This custom field shows if the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or if there is any discrepancy between the two.| This custom field shows if the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or if there is any discrepancy between the two.| SentinelOne Mgmt Server Discrepancy. | SentinelOne Management Server Url Wks | SentinelOne Management Server Url Svr |
+
+## Dependencies
+
+- [SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e)
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+
+## Custom Field Creation
+
+[Custom Field Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/custom-fields/cpval-sentinelone-mgmt-server-discrepancy.toml)

docs/ninjaone/custom-fields/cpval-sentinelone-mgmt-server-url.md

@@ -0,0 +1,30 @@
+---
+id: '0691fe63-dd6b-4f15-8b39-dce377d9064a'
+slug: /0691fe63-dd6b-4f15-8b39-dce377d9064a
+title: 'cPVAL SentinelOne Mgmt Server Url'
+title_meta: 'cPVAL SentinelOne Mgmt Server Url'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'SentinelOne Management Server Url fetched from the Endpoint'
+tags: ['antivirus', 'auditing']
+draft: false
+unlisted: false
+---
+
+## Summary
+
+This custom field stores the SentinelOne Management Server Url fetched from the Endpoint.
+
+## Details
+
+| Label | Field Name | Definition Scope | Type | Required | Default Value | Technician Permission | Automation Permission | API Permission | Description | Tool Tip | Footer Text | Custom Field Tab Name Workstations  | Custom Field Tab Name Servers |
+| ----- | ---- | ---------------- | ---- | -------- | ------------- | --------------------- | --------------------- | -------------- | ----------- | -------- | ----------- | ----------- | ----------- |
+| cPVAL SentinelOne Mgmt Server Url | cpvalSentineloneMgmtServerDiscrepancy | Device | Text | false | | Editable | Read/Write | Read/Write | SentinelOne Management Server Url fetched from the Endpoint | SentinelOne Management Server Url fetched from the Endpoint | SentinelOne Mgmt Server Url. | SentinelOne Management Server Url Wks | SentinelOne Management Server Url Svr |
+
+## Dependencies
+
+- [SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e)
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+
+## Custom Field Creation
+
+[Custom Field Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/custom-fields/cpval-sentinelone-mgmt-server-url.toml)

docs/ninjaone/cw-manage-ticket-templates/sentinelone-management-console.md

@@ -0,0 +1,29 @@
+---
+id: '3adab4f1-a92c-4004-aa3f-365bacc3b74b'
+slug: /3adab4f1-a92c-4004-aa3f-365bacc3b74b
+title: 'SentinelOne Management Console'
+title_meta: 'SentinelOne Management Console'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: 'This ticket template configures how a ConnectWise Manage ticket will be generated in response to the SentinelOne Management Console Validation condition.'
+tags: ['antivirus', 'auditing', 'ticketing']
+draft: false
+unlisted: false
+---
+
+## Overview
+
+This ticket template configures how a ConnectWise Manage ticket will be generated in response to the [SentinelOne Management Console Validation](/docs/a947cc93-68a2-4ddc-a6dc-ae2cf4422c66) condition.
+
+## Requirement
+
+Ensure that the ConnectWise Manage app is enabled and connected.  
+![Requirement](../../../static/img/docs/86a9b907-a95e-48a8-a304-2bb243c3b6a1/requirement.webp)
+
+## Dependencies
+
+- [SentinelOne Management Console Validation](/docs/a947cc93-68a2-4ddc-a6dc-ae2cf4422c66)
+- [Solution - SentinelOne Management Server Url Validation](/docs/5c97a683-f12f-4fb0-bc18-1720a561da93)
+
+## Template Creation
+
+[CW Manage Ticket Template Configuration](https://github.com/ProVal-Tech/ninjarmm/blob/main/cw-manage-ticket-templates/sentinelone-management-console.toml)

docs/solutions/sentinelone-management-server-url-validation.md

@@ -0,0 +1,109 @@
+---
+id: '5c97a683-f12f-4fb0-bc18-1720a561da93'
+slug: /5c97a683-f12f-4fb0-bc18-1720a561da93
+title: 'SentinelOne Management Server Url Validation'
+title_meta: 'SentinelOne Management Server Url Validation'
+keywords: ['sentinelone', 's1', 'management-console', 'management-server-url']
+description: This solution validates whether the SentinelOne Management Server URL detected on endpoints matches the value configured for the client in NinjaRMM, automatically flagging discrepancies and generating remediation tickets.'
+tags: ['antivirus', 'auditing', 'ticketing']
+draft: false
+unlisted: false
+---
+
+## Purpose
+
+This solution validates whether the SentinelOne Management Server URL detected on endpoints matches the value configured for the client in NinjaRMM. It automatically flags discrepancies and generates remediation tickets through ConnectWise Manage when mismatches are detected.
+
+## Associated Content
+
+### Custom Fields
+
+| Content | Definition Scope | Required | Type | Applicable OS | Function |
+| ------- | ---------------- | -------- | ---- | ------------- | -------- |
+| [cPVAL SentinelOne Key](/docs/44561301-d22b-4013-86af-d1842773d2ca) | `Organization` | Conditional | Text | All | Stores the SentinelOne Site Key for endpoint organization (only required if not using existing field) |
+| [cPVAL SentinelOne Mgmt Server Discrepancy](/docs/1de41dd5-c222-45cb-9b74-5ae45bb86dd8) | `Device` | True | CheckBox | Windows | Flags when endpoint's management URL differs from configured value |
+| [cPVAL SentinelOne Mgmt Server Url](/docs/0691fe63-dd6b-4f15-8b39-dce377d9064a) | `Device` | True | Text | Windows | Stores actual management URL detected on endpoint |
+
+### Automation
+
+| Content | Function |
+| ------- | -------- |
+| [SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e) | Compares endpoint's S1 management URL with configured value and flags discrepancies |
+
+### Condition
+
+| Content | Function |
+| ------- | -------- |
+| [SentinelOne Management Console Validation](/docs/a947cc93-68a2-4ddc-a6dc-ae2cf4422c66) | Triggers daily validation and ticket creation for discrepancies |
+
+### CW Manage Ticket Template
+
+| Content | Function |
+| ------- | -------- |
+| [SentinelOne Management Console](/docs/3adab4f1-a92c-4004-aa3f-365bacc3b74b) | Configures how tickets are generated in ConnectWise Manage |
+
+## Implementation
+
+### Step 1: Create Custom Fields
+
+1. **[cPVAL SentinelOne Mgmt Server Discrepancy](/docs/1de41dd5-c222-45cb-9b74-5ae45bb86dd8)**
+2. **[cPVAL SentinelOne Mgmt Server Url](/docs/0691fe63-dd6b-4f15-8b39-dce377d9064a)**
+3. **Optional**: [cPVAL SentinelOne Key](/docs/44561301-d22b-4013-86af-d1842773d2ca)  
+   *Only create this if you don't already have a custom field storing SentinelOne installation tokens*
+
+### Step 2: Import Automation
+
+Import the [SentinelOne Management Console Validation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e) automation
+
+### Step 3: Create Validation Condition
+
+Create the [SentinelOne Management Console Validation](/docs/a947cc93-68a2-4ddc-a6dc-ae2cf4422c66) condition
+
+### Step 4: Configure CW Manage Template
+
+1. Ensure ConnectWise Manage app is enabled
+2. Configure [SentinelOne Management Console](/docs/3adab4f1-a92c-4004-aa3f-365bacc3b74b) ticket template  
+   *Verify field mappings with your consultant as environments vary*
+
+## FAQ
+
+### 1. Do I need to create the 'cPVAL SentinelOne Key' custom field?
+
+Only create this field if you don't already have a custom field storing SentinelOne installation tokens. If you have an existing field, use its name in the automation's `S1 Key Custom Field Name` parameter instead.
+
+### 2. How often does the validation run?
+
+The condition runs the automation once per day. Discrepancies are flagged immediately upon detection.
+
+### 3. Where are discrepancies shown?
+
+Discrepancies appear in:
+
+- Device's `cPVAL SentinelOne Mgmt Server Discrepancy` checkbox
+- Generated ConnectWise Manage tickets
+- Automation activity details
+
+### 4. Why are my CW Manage tickets not generating correctly?
+
+Verify:
+
+1. ConnectWise Manage app is properly connected
+2. Ticket template field mappings match your environment
+3. Required custom fields exist and have values
+4. Technician permissions allow ticket creation
+
+### 5. Can I use existing custom fields instead of creating new ones?
+
+Yes, for the Site Key/Token field. Specify your existing field name in the `S1 Key Custom Field Name` parameter. The discrepancy and URL fields are required as they're updated by the automation.
+
+### 6. Can I run the validation manually?
+
+Yes, execute the [automation](/docs/4d9087cb-0cf3-4ade-863f-3a14c9b73d5e) manually on any endpoint to validate its configuration immediately.
+
+### 7 How to use the script's runtime parameter?
+
+Set runtime parameters:
+
+- **S1 Key Custom Field Name**:  
+  - *Leave blank* if using `cPVAL SentinelOne Key`  
+  - *Enter name* of existing custom field if storing token elsewhere