Skip to content

Releases: dannyota/s1ctl

v0.3.2

Choose a tag to compare

@github-actions github-actions released this 01 Jul 12:39
v0.3.2
137f15f

Changelog

  • 9d5f063: Add agents health, vulns health, alerts notes, bulk resolve filters (@dannyota)
  • 137f15f: Add docs generate command and command reference pages (@dannyota)

v0.3.1

Choose a tag to compare

@github-actions github-actions released this 01 Jul 12:03
v0.3.1
81760e4

Changelog

  • 81760e4: Add alert triage improvements, OS targeting, bulk resolve filters (@dannyota)

v0.3.0

Choose a tag to compare

@github-actions github-actions released this 01 Jul 11:13
v0.3.0
6e42d01

Changelog

  • 6e42d01: Add 7 rules commands: health, trends, detections, validate, enable, disable, diff (@dannyota)

v0.2.1

Choose a tag to compare

@github-actions github-actions released this 01 Jul 07:03
v0.2.1
44439e3

Changelog

  • 44439e3: Add 12 commands, filters, sorting, health dashboard, docs (@dannyota)

v0.2.0

Choose a tag to compare

@dannyota dannyota released this 01 Jul 05:48
v0.2.0
023a2d2

Changelog

  • 023a2d2: Add CLI v2: 41 new commands, config-as-code, rate limiting, goreleaser (@dannyota)

v0.1.0

Choose a tag to compare

@dannyota dannyota released this 01 Jul 02:19
v0.1.0
d7c9f76

s1ctl v0.1.0

First release of s1ctl — CLI and Go SDK for SentinelOne Singularity Platform.

CLI

  • 17 list commands across agents, threats, alerts, sites, groups, exclusions, users, activities, applications, device control, firewall, remote ops, updates, tags, accounts, policies, and data lake
  • Output formats: --output table|json|csv (--json shorthand)
  • Pagination: --limit, --cursor, --all (auto-paginate all pages)
  • Sorting: --sort-by, --sort-order on sortable resources
  • Progress: TTY-aware spinners and progress indicators; --no-progress for scripting
  • Error display: --verbose for detailed errors, structured JSON errors with --json
  • Actions: agent isolate/connect/scan/decommission, threat mitigate/verdict/status — all dry-run by default
  • Config-as-code: exclusions pull/push with git-based review loop
  • Data lake: powerQuery via GraphQL (default) or REST

Go SDK

Three importable packages with no CLI dependency:

  • danny.vn/s1/mgmt — REST MGMT API (agents, threats, sites, groups, exclusions, policies, remote ops)
  • danny.vn/s1/graphql — GraphQL API (UAM alerts, xSPM vulnerabilities/misconfigurations, cloud policies)
  • danny.vn/s1/sdl — Singularity Data Lake (powerQuery via GraphQL and REST)

Install

go install danny.vn/s1/cmd/s1ctl@v0.1.0