@pmoses-s1/sentinelone-mcp 1.2.0 → 1.2.2

package/CHANGELOG.md

@@ -1,6 +1,18 @@
 # Changelog
 
-## 1.2.0 — 2026-06-11
+## 1.2.2 - 2026-06-13
+
+### Changed
+- **Renamed `ha_archive_workflow` to `ha_delete_workflow`.** The old tool hit `POST /hyper-automate/api/v1/workflows/archive`, which returns HTTP 500 on this tenant. The replacement uses the validated `DELETE /hyper-automate/api/v1/workflows/{id}` endpoint (a soft, recoverable delete equivalent to clicking Delete in the Hyperautomation UI). Scope the call with `accountIds` or `siteIds`; a 404 "Object not found" means the id is not under that scope or is already deleted. Updated `README.md`, the tools-table regenerator, and the smoke test in lockstep.
+- **`powerquery_run` description now documents the `datasource` and `savelookup` capabilities** (querying SentinelOne-managed inventory such as assets/alerts/vulnerabilities/misconfigurations, and persisting a result as a reusable lookup table), pointing at the new `sentinelone-powerquery/references/datasource-command.md`.
+
+### Notes
+- Tool count unchanged at 26 (the Hyperautomation tool was renamed, not added or removed).
+- `SERVER_INFO.version` bumped in lockstep with `package.json` (the drift that forced the 1.2.0 -> 1.2.1 re-release).
+
+## 1.2.1 - 2026-06-11
+
+Supersedes 1.2.0, which was deprecated on npm. The 1.2.0 build shipped with a stale internal `SERVER_INFO.version` of `1.1.0` despite a `1.2.0` package version, so the server announced the wrong version on `initialize`. 1.2.1 is identical in features and corrects the reported runtime version. The content below is unchanged from the 1.2.0 work.
 
 ### Added
 - **`hec_ingest` tool** — raw-log/event ingestion into the Singularity Data Lake via the HEC (HTTP Event Collector) endpoint (`/services/collector/raw` and `/services/collector/event`). Supports `parser` (-> `?sourcetype=`), custom `fields` (query params), **required** `scope` (S1-Scope header), gzip compression, and `isParsed` (-> `?isParsed=true`, indexes already-structured JSON with no SDL parser). Replaces the removed `sdl_upload_logs`. Validated live across the full HEC matrix (both endpoints, gzip on/off, parser field extraction, multi-line, batched, reserved-field handling, scope enforcement, isParsed). Grounded in the S-26.1 HEC docs (p.4723-4726).

package/README.md

@@ -32,7 +32,7 @@ See **[deploy/README.md](./deploy/README.md)** for the full deployment walkthrou
 | SDL API | `sdl_list_files` | sentinelone-sdl-api / sdl-dashboard / sdl-log-parser |
 | SDL API | `sdl_put_file` | sentinelone-sdl-api / sdl-dashboard / sdl-log-parser |
 | SDL API | `hec_ingest` | sentinelone-sdl-api / sdl-log-parser |
-| Hyperautomation | `ha_archive_workflow` | sentinelone-hyperautomation |
+| Hyperautomation | `ha_delete_workflow` | sentinelone-hyperautomation |
 | Hyperautomation | `ha_export_workflow` | sentinelone-hyperautomation |
 | Hyperautomation | `ha_get_workflow` | sentinelone-hyperautomation |
 | Hyperautomation | `ha_import_workflow` | sentinelone-hyperautomation |
@@ -65,7 +65,7 @@ Add this to `claude_desktop_config.json` (or `.mcp.json` for Claude Code):
   "mcpServers": {
     "sentinelone-mcp": {
       "command": "npx",
-      "args": ["-y", "@pmoses-s1/sentinelone-mcp@1.1.0"],
+      "args": ["-y", "@pmoses-s1/sentinelone-mcp@1.2.2"],
       "env": {
         "S1_CONSOLE_URL":       "https://usea1-yourorg.sentinelone.net",
         "S1_CONSOLE_API_TOKEN": "eyJ...",
@@ -463,7 +463,7 @@ sentinelone-mcp/
     powerquery.js             PowerQuery enumerate/run/schema-discover
     mgmt-console.js           S1 REST verbs + Purple AI summary + UAM
     sdl-api.js                SDL config file + log ingestion tools
-    hyperautomation.js        Hyperautomation list/get/import/export/archive
+    hyperautomation.js        Hyperautomation list/get/import/export/delete
     uam-ingest.js             UAM Alert Interface ingestion tools
   deploy/
     install.sh                One-shot installer (Mac and Linux)

package/deploy/README.md

@@ -52,7 +52,7 @@ Or, equivalently, by package name without the install:
   "mcpServers": {
     "sentinelone-mcp": {
       "command": "npx",
-      "args": ["-y", "@pmoses-s1/sentinelone-mcp@1.1.0"]
+      "args": ["-y", "@pmoses-s1/sentinelone-mcp@1.2.2"]
     }
   }
 }
@@ -359,7 +359,7 @@ Both block the W+X memory mappings V8 needs to JIT JavaScript. Adding them cause
 
 These are supported but not first-class:
 
-- **Docker / docker-compose.** Not shipped in this version. The single-file Node binary doesn't need it. If you want a container, the install is `FROM node:20-alpine` + `RUN npm install -g @pmoses-s1/sentinelone-mcp@1.1.0` + `CMD ["sentinelone-mcp", "--transport", "http", "--host", "0.0.0.0"]`. Mount creds at `/etc/sentinelone-mcp/credentials.json` and tokens at `/etc/sentinelone-mcp/bearer-tokens.json`.
+- **Docker / docker-compose.** Not shipped in this version. The single-file Node binary doesn't need it. If you want a container, the install is `FROM node:20-alpine` + `RUN npm install -g @pmoses-s1/sentinelone-mcp@1.2.2` + `CMD ["sentinelone-mcp", "--transport", "http", "--host", "0.0.0.0"]`. Mount creds at `/etc/sentinelone-mcp/credentials.json` and tokens at `/etc/sentinelone-mcp/bearer-tokens.json`.
 
 - **External bridge (`supergateway`, `mcp-proxy`).** Pre-1.1.0 deployments used these to wrap the stdio-only server. They still work; this server's native HTTP mode is functionally equivalent and removes the extra process. Prefer native unless you have a specific reason.
 

package/lib/server-core.js

@@ -94,7 +94,7 @@ const PROMPTS = [
 
 export const SERVER_INFO = {
   name: 'sentinelone-mcp-server',
-  version: '1.1.0',
+  version: '1.2.2',
 };
 
 export const PROTOCOL_VERSION = '2024-11-05';
@@ -203,9 +203,9 @@ export async function dispatch(method, params, id) {
                 text: `Begin a new SOC analyst session. Follow this initialization sequence:
 
 1. Call \`powerquery_enumerate_sources\` to discover active SDL data sources (MANDATORY, never assume sources from prior sessions).
-2. In parallel, call \`uam_list_alerts\` with filter="status=OPEN" to pull active alerts.
+2. In parallel, call \`uam_list_alerts\` with status="NEW" to pull untriaged active alerts. Valid status values are "NEW", "IN_PROGRESS", or "RESOLVED" (there is no "OPEN" status; it silently returns 0 results). Omit the status argument to pull the most recent alerts across all states.
 3. For each discovered data source not already in the schema registry, plan schema discovery via \`powerquery_schema_discover\`.
-4. Report: (a) active data sources list, (b) open alert count and top 5 by severity, (c) which sources need schema discovery.
+4. Report: (a) active data sources list, (b) untriaged (NEW) alert count and top 5 by severity, (c) which sources need schema discovery.
 
 Apply the SOC analyst context from the soc_analyst prompt throughout.`,
               },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pmoses-s1/sentinelone-mcp",
-  "version": "1.2.0",
+  "version": "1.2.2",
   "description": "MCP server orchestrating SentinelOne skills, APIs, and SOC analyst context. Stdio or Streamable HTTP transport with per-user bearer auth for team deployments.",
   "type": "module",
   "main": "index.js",

package/scripts/regen-readme-tools-table.mjs

@@ -48,7 +48,7 @@ const TOOL_SKILL = {
   // Hyperautomation
   ha_list_workflows:             'sentinelone-hyperautomation',
   ha_get_workflow:               'sentinelone-hyperautomation',
-  ha_archive_workflow:           'sentinelone-hyperautomation',
+  ha_delete_workflow:           'sentinelone-hyperautomation',
   ha_import_workflow:            'sentinelone-hyperautomation',
   ha_export_workflow:            'sentinelone-hyperautomation',
   // UAM Ingest

package/scripts/test-mac.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 #
-# Mac validation script for sentinelone-mcp v1.1.0.
+# Mac validation script for sentinelone-mcp v1.2.2.
 #
 # Runs the same test matrix as Linux:
 #   - syntax-check every .js/.mjs file
@@ -100,12 +100,12 @@ fi
 # ─── 5. CLI flag sanity ───────────────────────────────────────────────────────
 
 step "5. CLI flag sanity"
-if [[ "$(node index.js --version 2>/dev/null)" == "1.1.0" ]]; then
-  pass "--version returns 1.1.0"
+if [[ "$(node index.js --version 2>/dev/null)" == "1.2.2" ]]; then
+  pass "--version returns 1.2.2"
 else
-  fail "--version did not return 1.1.0" "Got: $(node index.js --version 2>&1)"
+  fail "--version did not return 1.2.2" "Got: $(node index.js --version 2>&1)"
 fi
-if node index.js --help 2>&1 | grep -q "sentinelone-mcp 1.1.0"; then
+if node index.js --help 2>&1 | grep -q "sentinelone-mcp 1.2.2"; then
   pass "--help renders"
 else
   fail "--help broken" "$(node index.js --help 2>&1 | head -5)"

package/tools/hyperautomation.js

@@ -4,8 +4,8 @@
  * Tools:
  *   ha_list_workflows     List Hyperautomation workflows (with scope/state/sort filters)
  *   ha_get_workflow       Get a single workflow by ID (+ optional revisionId)
- *   ha_archive_workflow   Archive (soft-delete) a workflow
- *   ha_import_workflow    Import (create) a workflow from JSON
+ *   ha_delete_workflow    Delete (soft, recoverable) a workflow via REST DELETE
+ *   ha_import_workflow    Import (create) a workflow from JSON (account- or site-scoped)
  *   ha_export_workflow    Export all workflows as a ZIP archive
  *
  * API root (confirmed via live network capture 2026-05-03):
@@ -15,14 +15,15 @@
  *   GET /workflows/single/{workflowId}/{revisionId}
  * The revisionId is workflow.version_id in the list response.
  *
- * Deletion is a soft-archive, not HTTP DELETE:
- *   POST /workflows/archive  { workflowIds: [<uuid>, ...] }
+ * Deletion is a soft, recoverable HTTP DELETE (validated 2026-06-13):
+ *   DELETE /workflows/{id}?accountIds=<acct>   (or ?siteIds=<site>)
+ * The older POST /workflows/archive returns 500 on this tenant — do not use it.
  *
- * Export/import paths were NOT captured in the network trace — kept at their
- * previously confirmed /public paths until the /v1 equivalents are verified.
+ * Import scope: the public import endpoint accepts ?accountIds=<acct> or
+ * ?siteIds=<site>; with no scope it returns a misleading 403 on a scoped tenant.
  */
 
-import { apiGet, apiPost } from '../lib/s1.js';
+import { apiGet, apiPost, apiDelete } from '../lib/s1.js';
 
 // Confirmed base path from live network monitor (2026-05-03).
 const HA_BASE = '/web/api/v2.1/hyper-automate/api/v1';
@@ -156,36 +157,57 @@ export const tools = [
     },
   },
 
-  // ─── ha_archive_workflow ──────────────────────────────────────────────────
+  // ─── ha_delete_workflow ───────────────────────────────────────────────────
   {
-    name: 'ha_archive_workflow',
-    description: `Archive (soft-delete) one or more Hyperautomation workflows. Archive is the console's delete operation — the workflow is removed from the active list but the underlying data is retained. Equivalent to clicking Delete in the Hyperautomation UI. Requires Hyper Automate.write permission. Returns the API response (200 OK on success). This action is NOT easily reversible — confirm with the user before calling.`,
+    name: 'ha_delete_workflow',
+    description: `Delete one or more Hyperautomation workflows. Uses the REST DELETE /hyper-automate/api/v1/workflows/{id} endpoint (validated 2026-06-13) — a soft, recoverable delete (the console offers a "Restore workflow" action), equivalent to clicking Delete in the Hyperautomation UI. Scope the call to where the workflow lives with accountIds (account-scoped workflow) or siteIds (site-scoped); a 404 "Object not found" means the id is not under that scope or is already deleted. Requires Hyper Automate.write permission. NOTE: do NOT use the older POST /workflows/archive path — it returns 500 on this tenant.`,
     inputSchema: {
       type: 'object',
       properties: {
         workflowIds: {
           type: 'array',
           items: { type: 'string' },
-          description: 'One or more workflow UUIDs to archive (from ha_list_workflows).',
+          description: 'One or more workflow UUIDs to delete (from ha_list_workflows).',
+        },
+        accountIds: {
+          type: 'string',
+          description: 'Account scope for an account-level workflow (e.g. "2046190533732727925"). Provide this OR siteIds.',
+        },
+        siteIds: {
+          type: 'string',
+          description: 'Site scope for a site-level workflow. Provide this OR accountIds.',
         },
       },
       required: ['workflowIds'],
     },
-    async handler({ workflowIds }) {
+    async handler({ workflowIds, accountIds, siteIds } = {}) {
       if (!Array.isArray(workflowIds) || workflowIds.length === 0) {
         return JSON.stringify({ error: 'workflowIds must be a non-empty array of UUIDs.' });
       }
-      // Confirmed: POST /workflows/archive with IDs in request body.
-      // This is the backend call behind the UI Delete button.
-      const result = await apiPost(`${HA_BASE}/workflows/archive`, { workflowIds });
-      return JSON.stringify(result, null, 2);
+      if (!accountIds && !siteIds) {
+        return JSON.stringify({ error: 'Provide accountIds or siteIds to scope the delete to where the workflow lives (a workflow created at a site must be deleted with siteIds; an account-scoped one with accountIds).' });
+      }
+      const scope = accountIds
+        ? `accountIds=${encodeURIComponent(accountIds)}`
+        : `siteIds=${encodeURIComponent(siteIds)}`;
+      const results = [];
+      for (const id of workflowIds) {
+        try {
+          // DELETE returns 204 No Content on success.
+          await apiDelete(`${HA_BASE}/workflows/${encodeURIComponent(id)}?${scope}`);
+          results.push({ id, status: 'deleted' });
+        } catch (e) {
+          results.push({ id, status: 'error', error: e.message });
+        }
+      }
+      return JSON.stringify({ deleted: results }, null, 2);
     },
   },
 
   // ─── ha_import_workflow ───────────────────────────────────────────────────
   {
     name: 'ha_import_workflow',
-    description: `Import a Hyperautomation workflow JSON into the SentinelOne console. The workflow JSON must follow the Hyperautomation schema (use the sentinelone-hyperautomation skill to generate valid JSON). Integration-backed actions (type=http_request with an integration_id) require pre-configured connections in Hyperautomation > Integrations before the workflow will run. The import API validates schema but cannot check if integrations are configured. Returns the created workflow ID on success. Requires Hyper Automate.write permission.`,
+    description: `Import a Hyperautomation workflow JSON into the SentinelOne console. Scope the import with accountIds (account-level) or siteIds (site-level); on a scoped tenant a bare import with no scope returns a misleading 403 "Insufficient permissions". The workflow JSON must follow the Hyperautomation schema (use the sentinelone-hyperautomation skill to generate valid JSON). Integration-backed actions (type=http_request with an integration_id) require pre-configured connections in Hyperautomation > Integrations before the workflow will run, and an imported flow lands as a private draft until published (publish endpoint) or activated. Returns the created workflow ID on success. Requires Hyper Automate.write permission.`,
     inputSchema: {
       type: 'object',
       properties: {
@@ -193,19 +215,31 @@ export const tools = [
           type: 'string',
           description: 'Full Hyperautomation workflow JSON as a string. Must be valid Hyperautomation schema. Generate this using the sentinelone-hyperautomation skill.',
         },
+        accountIds: {
+          type: 'string',
+          description: 'Account scope for an account-level import (e.g. "2046190533732727925"). Provide this OR siteIds.',
+        },
+        siteIds: {
+          type: 'string',
+          description: 'Site scope for a site-level import. Provide this OR accountIds.',
+        },
       },
       required: ['workflowJson'],
     },
-    async handler({ workflowJson }) {
+    async handler({ workflowJson, accountIds, siteIds }) {
       let parsed;
       try {
         parsed = JSON.parse(workflowJson);
       } catch (e) {
         return JSON.stringify({ error: `Invalid JSON: ${e.message}` });
       }
-      // Path confirmed working during backtest (returns 403 without write permission).
-      // /v1 equivalent not yet captured — keeping /public path until verified.
-      const result = await apiPost(`${HA_PUBLIC}/workflow-import-export/import`, { data: parsed });
+      // Public import endpoint. Append the scope query param: account-level imports use
+      // ?accountIds=, site-level use ?siteIds=. A bare import (no scope) returns a misleading
+      // 403 on a scoped tenant (validated 2026-06-13).
+      let qs = '';
+      if (accountIds) qs = `?accountIds=${encodeURIComponent(accountIds)}`;
+      else if (siteIds) qs = `?siteIds=${encodeURIComponent(siteIds)}`;
+      const result = await apiPost(`${HA_PUBLIC}/workflow-import-export/import${qs}`, { data: parsed });
       return JSON.stringify(result, null, 2);
     },
   },

package/tools/powerquery.js

@@ -45,7 +45,7 @@ export const tools = [
       properties: {
         query: {
           type: 'string',
-          description: 'The PowerQuery string. Use pipe-separated commands: | filter | group | sort | limit | columns. Three distinct wildcard idioms — use the right one: (1) FIELD PRESENCE / ATTRIBUTE WILDCARD: field=* means "field is present/non-null", e.g. dataSource.name=* | group count=count() by dataSource.name — use this as a query-opener or whenever you need "all events that have this field". (2) ALL-COLUMN TEXT SEARCH: * contains \'value\' or * matches \'regex\' in the initial filter (before the first |) searches ALL indexed fields — use when the user asks to find text anywhere in the event, e.g. dataSource.name=\'MySource\' * contains \'evil.com\'. Dramatically faster than message contains. (3) EMPTY FILTER (all events): start with | and no initial predicate, e.g. | group ct=count() by event.type. Do NOT use bare * alone as the initial filter — that causes HTTP 500 ("Don\'t understand [*]").',
+          description: 'The PowerQuery string. Use pipe-separated commands: | filter | group | sort | limit | columns. Three distinct wildcard idioms — use the right one: (1) FIELD PRESENCE / ATTRIBUTE WILDCARD: field=* means "field is present/non-null", e.g. dataSource.name=* | group count=count() by dataSource.name — use this as a query-opener or whenever you need "all events that have this field". (2) ALL-COLUMN TEXT SEARCH: * contains \'value\' or * matches \'regex\' in the initial filter (before the first |) searches ALL indexed fields — use when the user asks to find text anywhere in the event, e.g. dataSource.name=\'MySource\' * contains \'evil.com\'. Dramatically faster than message contains. (3) EMPTY FILTER (all events): start with | and no initial predicate, e.g. | group ct=count() by event.type. Do NOT use bare * alone as the initial filter — that causes HTTP 500 ("Don\'t understand [*]"). Beyond filtering, | datasource <name> [from <dataset>] reads SentinelOne-managed inventory (assets, alerts, vulnerabilities, misconfigurations, metering; e.g. | datasource assets from \'surface/identity\') and | savelookup \'<name>\' persists the result as a reusable lookup table (see references/datasource-command.md in sentinelone-powerquery).',
         },
         startTime: {
           type: 'string',