Complete syslog toolkit for SentinelOne SDL; Three solutions: Simple collector; 3-in-1 pipeline; rootless high-performance; Choose based on complexity needs; Docker + official S1 support

Containerized—ROOTLESS—syslog-ng service that securely forwards system, firewall, and security logs to SentinelOne's Data Lake via HEC API. Optimized for performance, security, and enterprise deplo…

A lightweight, client-side JSON validation and formatting tool built with Astro, TypeScript, and Tailwind CSS. Features beautiful Catppuccin theming (Mocha/Latte), syntax highlighting, compress/pre…

How-to Guides on Data-Plumbing and Analytics

Production-ready Docker syslog collector with multi-source differentiation for SentinelOne SIEM integration

A community-driven collection of raw, multi-vendor log samples (Syslog, CEF, JSON) for parser development and security testing.

Stream syslog events directly into SentinelOne AI SIEM using a Dockerized collector. This project offers a clear, step-by-step guide, making it accessible for anyone looking to get started with log…

s1-collector-install-packages

Docker-based Scalyr (SentinelOne) agent for macOS (Intel & Apple Silicon). Ships host logs by default, easily extended for Docker JSON logs.

Log Volume Calculator (WIP)

🚀 SentinelOne AddEvents API Tester Easily send test log events to SentinelOne's addEvents API—without installing an agent. Ideal for POC/POV testing, this Zsh script randomizes event data, supports…

A universal Zsh script that logs any npm or Node-based command’s output as structured JSON, with environment-based configuration.