How to Collect SentinelOne Logs from Windows, Mac and Linux

Description

This article explains in detail how to collect SentinelOne logs on Windows, Mac and Linux.

Resolution

WINDOWS

Open an Elevated CMD prompt.

  • Create a directory called templogs [mkdir C:\templogs]
  • Go to the Tools directory [cd C:\Program Files\SentinelOne\<Sentinel Agent version>\Tools]
  • Execute [LogCollector.exe WorkingDirectory=C:\templogs]


  • Wait for LogCollector.exe to finish. In the templogs directory created above you will see the final output file: a GZ file.
  • File Name Format: mm_dd_yyyy_hh_mm{AM|PM}_Logs.gz [Example: 05_12_2020_09_57AM_Logs.gz]


  • Attach the .gz file to the Service Request No.
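Before attaching the bundle, it helps to confirm which file is the latest one and to record its size and SHA-256 so the copy that reaches support can be matched to what was collected. The sketch below is an added example, not SentinelOne or SonicWall code; the function names are hypothetical, and it assumes the "GZ file" is a standard gzip stream and that the AM/PM in the stated name format means a 12-hour clock.

```python
import hashlib
import re
from datetime import datetime
from pathlib import Path

# Name format stated in the article: mm_dd_yyyy_hh_mm{AM|PM}_Logs.gz
BUNDLE_NAME = re.compile(r"^(\d{2}_\d{2}_\d{4}_\d{2}_\d{2}(?:AM|PM))_Logs\.gz$")
GZIP_MAGIC = b"\x1f\x8b"  # assumption: the "GZ file" is a standard gzip stream


def bundle_time(name):
    """Return the collection time encoded in a bundle file name, else None."""
    match = BUNDLE_NAME.match(name)
    if not match:
        return None
    try:
        # AM/PM in the name implies a 12-hour clock, hence %I rather than %H.
        return datetime.strptime(match.group(1), "%m_%d_%Y_%I_%M%p")
    except ValueError:  # e.g. month 13 or hour 00
        return None


def newest_bundle(directory):
    """Pick the most recent bundle in the working directory, or None."""
    root = Path(directory)
    if not root.is_dir():
        return None
    dated = [(bundle_time(p.name), p) for p in root.iterdir() if p.is_file()]
    dated = [(t, p) for t, p in dated if t is not None]
    return max(dated, key=lambda item: item[0])[1] if dated else None


def describe_bundle(path):
    """Size, gzip check and SHA-256 to record alongside the Service Request."""
    path = Path(path)
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        head = fh.read(2)
        digest.update(head)
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return {"name": path.name, "size": path.stat().st_size,
            "is_gzip": head == GZIP_MAGIC, "sha256": digest.hexdigest()}


if __name__ == "__main__":
    bundle = newest_bundle(r"C:\templogs")  # directory created in the steps above
    print(describe_bundle(bundle) if bundle else "no bundle found")
```

A zero-byte file or one that fails the gzip check usually means the collector was interrupted; rerun it rather than attaching that file.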

MAC

Open the Terminal and run the commands below.

  • sudo sentinelctl logreport
  • Enter the Mac password for the logged-in user and wait for the logs to be generated on the Desktop.


  • The file name will end with the extension .tgz [Example: SentinelLog_2022.05.03_17.02.37_sonicwall.tg]
  • Attach the .tgz file to the Service Request No.

LINUX

Open the Terminal and run the commands below.

  • sudo sentinelctl log generate "Full Path"
  • Enter the machine password for the logged-in user.
  • Wait for the logs to be generated in the path mentioned.


  • The file will be created in the path mentioned, with the extension .gz [Example: sentinelagent-logs_zandy_03-05-22_17_14_25.tar.g
  • Attach the .gz file to the Service Request No.
