> ## Documentation Index
> Fetch the complete documentation index at: https://docs.leen.dev/llms.txt
> Use this file to discover all available pages before exploring further.
# EDR Integrations
> Information about the EDR integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
## Supported Fields
| Leen Model | SentinelOne EDR1 | CrowdStrike EDR | Microsoft Defender |
| ----------------------------------------------- | --------------------------- | --------------- | ------------------ |
| `vendor_id` | ✅ | ✅ | ✅ |
| `title` | ✅ | ✅ | ✅ |
| `description` | | ✅ | ✅ |
| `assigned_user` | | ✅ | ✅ |
| `severity` | ✅ | ✅ | ✅ |
| `vendor_severity` | ✅ | ✅ | ✅ |
| `status` | ✅ | ✅ | ✅ |
| `vendor_status` | ✅ | ✅ | ✅ |
| `first_event_time` | ✅ | ✅ | ✅ |
| `last_event_time` | ✅ | ✅ | ✅ |
| `resolved_time` | | ✅ | ✅ |
| `pid` | ✅ | ✅ | ✅ |
| `process_created_at` | | | ✅ |
| `process_filename` | | ✅ | ✅ |
| `process_command_line` | ✅ | ✅ | ✅ |
| `process_sha1` | ✅ | | ✅ |
| `process_sha256` | ✅ | ✅ | ✅ |
| `process_md5` | ✅ | ✅ | |
| `parent_pid` | ✅ | ✅ | ✅ |
| `user_name` | ✅ | ✅ | ✅ |
| `windows_sid` | | | ✅ |
| `active_directory_username` | ✅ | | ✅ |
| `active_directory_domain` | ✅ | | ✅ |
| `verdict` | ✅ | ✅ | ✅ |
| | | | |
| `tactic_name` | ✅ | ✅ | |
| `tactic_id` | | ✅ | |
| `tactic_source` | ✅ | | |
| | | | |
| `technique_name` | ✅ | ✅ | |
| `technique_id` | | ✅ | |
| `technique_link` | ✅ | | |
| | | | |
| `vendor_data` (Additional vendor specific data) | ✅ | ✅ | ✅ |
For any additional information about our field mappings or integrations please contact us.
\[1]SentinelOne provides limited alert information if the alert is not of type Dynamic