SentinelOne Azure Sentinel Connector Error

Jan Stodola 26 Reputation points
2022-09-21T19:47:02.277+00:00

Hello,
I am running SentinelOne Azure Sentinel connector. I get lots of logs, but also 140 errors/day in Function SentinelOneSentinelConnector. The log looks like the one below.
Any ideas?

Thank you.
Jan

   ``  
   2022-09-21T19:40:00Z   [Information]   Executing 'Functions.SentinelOneSentinelConnector' (Reason='Timer fired at 2022-09-21T19:40:00.0023571+00:00', Id=51f4373e-97fb-4bb1-afe0-abce04f61972)  
   2022-09-21T19:40:00Z   [Verbose]   Sending invocation id:51f4373e-97fb-4bb1-afe0-abce04f61972  
   2022-09-21T19:40:00Z   [Verbose]   Posting invocation id:51f4373e-97fb-4bb1-afe0-abce04f61972 on workerId:8a7e044a-aaa3-4ff3-b413-9dce98d80e74  
   2022-09-21T19:40:00Z   [Information]   Python timer trigger function ran at 2022-09-21T19:40:00.042592+00:00  
   2022-09-21T19:40:00Z   [Information]   Starting program  
   2022-09-21T19:40:00Z   [Information]   Request URL: 'https://sonejgavhdscd4dmq.file.core.windows.net/funcstatemarkershare/funcstatemarkerfile'  
   2022-09-21T19:40:00Z   [Information]   Request method: 'GET'  
   2022-09-21T19:40:00Z   [Information]   Request headers:  
   2022-09-21T19:40:00Z   [Information]       'Accept': 'application/xml'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-version': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-range': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'User-Agent': 'azsdk-python-storage-file-share/12.3.0 Python/3.8.13 (Linux-5.10.102.2-microsoft-standard-x86_64-with-glibc2.2.5)'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-date': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-client-request-id': '2e021552-39e5-11ed-98bb-00155d52b14c'  
   2022-09-21T19:40:00Z   [Information]       'Authorization': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]   No body was attached to the request  
   2022-09-21T19:40:00Z   [Information]   Response status: 206  
   2022-09-21T19:40:00Z   [Information]   Response headers:  
   2022-09-21T19:40:00Z   [Information]       'Content-Length': '27'  
   2022-09-21T19:40:00Z   [Information]       'Content-Type': 'application/octet-stream'  
   2022-09-21T19:40:00Z   [Information]       'Content-Range': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'Last-Modified': 'Wed, 21 Sep 2022 19:30:00 GMT'  
   2022-09-21T19:40:00Z   [Information]       'Accept-Ranges': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'ETag': '"0x8DA9C07ACBE572C"'  
   2022-09-21T19:40:00Z   [Information]       'Server': 'Windows-Azure-File/1.0 Microsoft-HTTPAPI/2.0'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-request-id': 'a0b0e88f-e01a-0029-64f1-cd9769000000'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-client-request-id': '2e021552-39e5-11ed-98bb-00155d52b14c'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-version': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-type': 'REDACTED'  
   2022-09-21T19:40:00Z   [Information]       'x-ms-server-encrypted': 'REDACTED'  
   2022-09-21T19:40:01Z   [Information]   Getting report: agents_updated_events  
   2022-09-21T19:40:03Z   [Error]   Something wrong. Error code: 403
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
996 questions
{count} vote