PyPI - check-msdefender - Versions diffs - 1.1.0__tar.gz → 1.1.2__tar.gz - Mend

check-msdefender 1.1.0tar.gz → 1.1.2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (90) hide show

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/PKG-INFO RENAMED Viewed

@@ -1,14 +1,10 @@
-Metadata-Version: 2.4
+Metadata-Version: 2.1
 Name: check-msdefender
-Version: 1.1.0
+Version: 1.1.2
 Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
-Author-email: ldvchosal <ldvchosal@github.com>
-License: MIT
-Project-URL: Homepage, https://github.com/lduchosal/check_msdefender
-Project-URL: Bug Reports, https://github.com/lduchosal/check_msdefender/issues
-Project-URL: Source, https://github.com/lduchosal/check_msdefender
-Project-URL: Documentation, https://github.com/lduchosal/check_msdefender/blob/main/README.md
 Keywords: nagios,monitoring,microsoft,graph,api,azure
+Author-Email: ldvchosal <ldvchosal@github.com>
+License: MIT
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Intended Audience :: System Administrators
 Classifier: License :: OSI Approved :: MIT License
@@ -19,9 +15,11 @@ Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Topic :: System :: Monitoring
 Classifier: Topic :: System :: Systems Administration
+Project-URL: Homepage, https://github.com/lduchosal/check_msdefender
+Project-URL: Bug Reports, https://github.com/lduchosal/check_msdefender/issues
+Project-URL: Source, https://github.com/lduchosal/check_msdefender
+Project-URL: Documentation, https://github.com/lduchosal/check_msdefender/blob/main/README.md
 Requires-Python: >=3.9
-Description-Content-Type: text/markdown
-License-File: LICENSE
 Requires-Dist: nagiosplugin>=1.4.0
 Requires-Dist: azure-identity>=1.12.0
 Requires-Dist: click<9.0,>=8.0
@@ -33,7 +31,8 @@ Requires-Dist: black>=21.0; extra == "dev"
 Requires-Dist: flake8>=3.8; extra == "dev"
 Requires-Dist: mypy>=0.800; extra == "dev"
 Requires-Dist: twine>=6.2.0; extra == "dev"
-Dynamic: license-file
+Requires-Dist: pdm>=2.0.0; extra == "dev"
+Description-Content-Type: text/markdown
 # 🛡️ Check MS Defender
@@ -46,7 +45,7 @@ A comprehensive **Nagios plugin** for monitoring Microsoft Defender for Endpoint
 ## ✨ Features
 - 🔐 **Dual Authentication** - Support for Client Secret and Certificate-based authentication
-- 🎯 **Multiple Endpoints** - Monitor onboarding status, last seen, vulnerabilities, and machine details
+- 🎯 **Multiple Endpoints** - Monitor onboarding status, last seen, vulnerabilities, alerts, and machine details
 - 📊 **Nagios Compatible** - Standard exit codes and performance data output
 - 🏗️ **Clean Architecture** - Modular design with testable components
 - 🔧 **Flexible Configuration** - File-based configuration with sensible defaults
@@ -78,6 +77,9 @@ check_msdefender lastseen -d machine.domain.tld -W 7 -C 30
 # Check vulnerabilities
 check_msdefender vulnerabilities -d machine.domain.tld -W 10 -C 100
+# Check alerts
+check_msdefender alerts -d machine.domain.tld -W 1 -C 5
 # List all machines
 check_msdefender machines
@@ -92,6 +94,7 @@ check_msdefender detail -d machine.domain.tld
 | `onboarding` | Check machine onboarding status | W:1, C:2 |
 | `lastseen` | Days since machine last seen | W:7, C:30 |
 | `vulnerabilities` | Vulnerability score calculation | W:10, C:100 |
+| `alerts` | Count of unresolved alerts | W:1, C:0 |
 | `machines` | List all machines | W:10, C:25 |
 | `detail` | Get detailed machine information | - |
@@ -103,6 +106,14 @@ The vulnerability score is calculated as:
 - **Medium vulnerabilities** × 5
 - **Low vulnerabilities** × 1
+### Alert Monitoring
+The alerts command monitors unresolved security alerts for a machine:
+- **Counts only unresolved alerts** (status ≠ "Resolved")
+- **Excludes informational alerts** when critical/warning alerts exist
+- **Shows alert details** including creation time, title, and severity
+- **Default thresholds**: Warning at 1 alert, Critical at 0 (meaning any alert triggers warning)
 ### Onboarding Status Values
 - `0` - Onboarded ✅
@@ -145,6 +156,7 @@ timeout = 5
    - `Machine.Read.All`
    - `Vulnerability.Read`
    - `Vulnerability.Read.All`
+   - `Alert.Read.All`
 3. **Create Authentication** (Secret or Certificate)
 4. **Note Credentials** (Client ID, Tenant ID, Secret/Certificate)
@@ -182,6 +194,11 @@ define command {
     command_name    check_defender_vulnerabilities
     command_line    $USER1$/check_msdefender/bin/check_msdefender vulnerabilities -d $HOSTALIAS$ -W 10 -C 100
 }
+define command {
+    command_name    check_defender_alerts
+    command_line    $USER1$/check_msdefender/bin/check_msdefender alerts -d $HOSTALIAS$ -W 1 -C 5
+}
 ```
 ### Service Definitions
@@ -208,6 +225,13 @@ define service {
     check_command           check_defender_vulnerabilities
     hostgroup_name          msdefender
 }
+define service {
+    use                     generic-service
+    service_description     DEFENDER_ALERTS
+    check_command           check_defender_alerts
+    hostgroup_name          msdefender
+}
 ```
 ## 🏗️ Architecture
@@ -221,6 +245,7 @@ check_msdefender/
 │   │   ├── onboarding.py      # Onboarding status command
 │   │   ├── lastseen.py        # Last seen command
 │   │   ├── vulnerabilities.py # Vulnerabilities command
+│   │   ├── alerts.py          # Alerts monitoring command
 │   │   ├── machines.py        # List machines command
 │   │   └── detail.py          # Machine detail command
 │   ├── decorators.py          # Common CLI decorators
@@ -236,6 +261,7 @@ check_msdefender/
 │   ├── onboarding_service.py  # Onboarding business logic
 │   ├── lastseen_service.py    # Last seen business logic
 │   ├── vulnerabilities_service.py # Vulnerability business logic
+│   ├── alerts_service.py      # Alerts monitoring business logic
 │   ├── machines_service.py    # Machines business logic
 │   ├── detail_service.py      # Detail business logic
 │   └── models.py              # Data models
@@ -317,6 +343,14 @@ DEFENDER WARNING - Last seen: 10 days ago | lastseen=10;7;30;0;
 DEFENDER CRITICAL - Vulnerability score: 150 (1 Critical, 5 High) | vulnerabilities=150;10;100;0;
 ```
+### Alerts Warning
+```
+DEFENDER WARNING - Unresolved alerts for machine.domain.com | alerts=2;1;5;0;
+Unresolved alerts for machine.domain.com
+2025-09-14T10:22:14.12Z - Suspicious activity detected (New high)
+2025-09-14T12:00:00.00Z - Malware detection (InProgress medium)
+```
 ## 🔧 Troubleshooting
 ### Common Issues
@@ -393,4 +427,4 @@ This project is licensed under the **MIT License** - see the [LICENSE](LICENSE)
 [🐛 Report Bug](https://github.com/lduchosal/check_msdefender/issues) • [💡 Request Feature](https://github.com/lduchosal/check_msdefender/issues) • [📖 Documentation](https://github.com/lduchosal/check_msdefender/blob/main/README.md)
-</div>
+</div>

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/README.md RENAMED Viewed

@@ -9,7 +9,7 @@ A comprehensive **Nagios plugin** for monitoring Microsoft Defender for Endpoint
 ## ✨ Features
 - 🔐 **Dual Authentication** - Support for Client Secret and Certificate-based authentication
-- 🎯 **Multiple Endpoints** - Monitor onboarding status, last seen, vulnerabilities, and machine details
+- 🎯 **Multiple Endpoints** - Monitor onboarding status, last seen, vulnerabilities, alerts, and machine details
 - 📊 **Nagios Compatible** - Standard exit codes and performance data output
 - 🏗️ **Clean Architecture** - Modular design with testable components
 - 🔧 **Flexible Configuration** - File-based configuration with sensible defaults
@@ -41,6 +41,9 @@ check_msdefender lastseen -d machine.domain.tld -W 7 -C 30
 # Check vulnerabilities
 check_msdefender vulnerabilities -d machine.domain.tld -W 10 -C 100
+# Check alerts
+check_msdefender alerts -d machine.domain.tld -W 1 -C 5
 # List all machines
 check_msdefender machines
@@ -55,6 +58,7 @@ check_msdefender detail -d machine.domain.tld
 | `onboarding` | Check machine onboarding status | W:1, C:2 |
 | `lastseen` | Days since machine last seen | W:7, C:30 |
 | `vulnerabilities` | Vulnerability score calculation | W:10, C:100 |
+| `alerts` | Count of unresolved alerts | W:1, C:0 |
 | `machines` | List all machines | W:10, C:25 |
 | `detail` | Get detailed machine information | - |
@@ -66,6 +70,14 @@ The vulnerability score is calculated as:
 - **Medium vulnerabilities** × 5
 - **Low vulnerabilities** × 1
+### Alert Monitoring
+The alerts command monitors unresolved security alerts for a machine:
+- **Counts only unresolved alerts** (status ≠ "Resolved")
+- **Excludes informational alerts** when critical/warning alerts exist
+- **Shows alert details** including creation time, title, and severity
+- **Default thresholds**: Warning at 1 alert, Critical at 0 (meaning any alert triggers warning)
 ### Onboarding Status Values
 - `0` - Onboarded ✅
@@ -108,6 +120,7 @@ timeout = 5
    - `Machine.Read.All`
    - `Vulnerability.Read`
    - `Vulnerability.Read.All`
+   - `Alert.Read.All`
 3. **Create Authentication** (Secret or Certificate)
 4. **Note Credentials** (Client ID, Tenant ID, Secret/Certificate)
@@ -145,6 +158,11 @@ define command {
     command_name    check_defender_vulnerabilities
     command_line    $USER1$/check_msdefender/bin/check_msdefender vulnerabilities -d $HOSTALIAS$ -W 10 -C 100
 }
+define command {
+    command_name    check_defender_alerts
+    command_line    $USER1$/check_msdefender/bin/check_msdefender alerts -d $HOSTALIAS$ -W 1 -C 5
+}
 ```
 ### Service Definitions
@@ -171,6 +189,13 @@ define service {
     check_command           check_defender_vulnerabilities
     hostgroup_name          msdefender
 }
+define service {
+    use                     generic-service
+    service_description     DEFENDER_ALERTS
+    check_command           check_defender_alerts
+    hostgroup_name          msdefender
+}
 ```
 ## 🏗️ Architecture
@@ -184,6 +209,7 @@ check_msdefender/
 │   │   ├── onboarding.py      # Onboarding status command
 │   │   ├── lastseen.py        # Last seen command
 │   │   ├── vulnerabilities.py # Vulnerabilities command
+│   │   ├── alerts.py          # Alerts monitoring command
 │   │   ├── machines.py        # List machines command
 │   │   └── detail.py          # Machine detail command
 │   ├── decorators.py          # Common CLI decorators
@@ -199,6 +225,7 @@ check_msdefender/
 │   ├── onboarding_service.py  # Onboarding business logic
 │   ├── lastseen_service.py    # Last seen business logic
 │   ├── vulnerabilities_service.py # Vulnerability business logic
+│   ├── alerts_service.py      # Alerts monitoring business logic
 │   ├── machines_service.py    # Machines business logic
 │   ├── detail_service.py      # Detail business logic
 │   └── models.py              # Data models
@@ -280,6 +307,14 @@ DEFENDER WARNING - Last seen: 10 days ago | lastseen=10;7;30;0;
 DEFENDER CRITICAL - Vulnerability score: 150 (1 Critical, 5 High) | vulnerabilities=150;10;100;0;
 ```
+### Alerts Warning
+```
+DEFENDER WARNING - Unresolved alerts for machine.domain.com | alerts=2;1;5;0;
+Unresolved alerts for machine.domain.com
+2025-09-14T10:22:14.12Z - Suspicious activity detected (New high)
+2025-09-14T12:00:00.00Z - Malware detection (InProgress medium)
+```
 ## 🔧 Troubleshooting
 ### Common Issues

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/check_msdefender.py RENAMED Viewed

@@ -1,6 +1,5 @@
 """Main entry point for check_msdefender Nagios plugin."""
-import sys
 from check_msdefender.cli import main
 if __name__ == "__main__":

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/alerts.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """Alerts commands for CLI."""
 import sys
-import click
 from typing import Optional, Any
 from check_msdefender.core.auth import get_authenticator

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/detail.py RENAMED Viewed

@@ -16,7 +16,6 @@ def register_detail_commands(main_group: Any) -> None:
     """Register detail commands with the main CLI group."""
     @main_group.command("detail")
-    @click.option("-i", "--id", "machine_id_alt", help="Machine ID (GUID)")
     @common_options
     def detail_cmd(
         config: str,
@@ -25,7 +24,6 @@ def register_detail_commands(main_group: Any) -> None:
         dns_name: Optional[str],
         warning: Optional[float],
         critical: Optional[float],
-        machine_id_alt: Optional[str],
     ) -> None:
         """Get detailed machine information from Microsoft Defender."""
         try:
@@ -44,9 +42,6 @@ def register_detail_commands(main_group: Any) -> None:
             # Create custom Nagios plugin for detail output
             plugin = NagiosPlugin(service, "detail")
-            # Use -i option if provided, otherwise fallback to -m
-            final_machine_id = machine_id_alt or machine_id
             # Set default thresholds for detail command to show proper performance data
             # Based on expected test output patterns
             if warning is not None and critical is None:
@@ -58,7 +53,7 @@ def register_detail_commands(main_group: Any) -> None:
             # Execute check
             result = plugin.check(
-                machine_id=final_machine_id,
+                machine_id=machine_id,
                 dns_name=dns_name,
                 warning=warning,
                 critical=critical,

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/lastseen.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """Last seen commands for CLI."""
 import sys
-import click
 from typing import Optional, Any
 from check_msdefender.core.auth import get_authenticator

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/machines.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """List machines commands for CLI."""
 import sys
-import click
 from typing import Optional, Any
 from check_msdefender.core.auth import get_authenticator

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/onboarding.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """Onboarding status commands for CLI."""
 import sys
-import click
 from typing import Optional, Any
 from check_msdefender.core.auth import get_authenticator

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/commands/vulnerabilities.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """Vulnerability commands for CLI."""
 import sys
-import click
 from typing import Optional, Any
 from check_msdefender.core.auth import get_authenticator

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/decorators.py RENAMED Viewed

@@ -10,7 +10,7 @@ def common_options(func: Callable[..., Any]) -> Callable[..., Any]:
         "-c", "--config", default="check_msdefender.ini", help="Configuration file path"
     )(func)
     func = click.option("-v", "--verbose", count=True, help="Increase verbosity")(func)
-    func = click.option("-m", "--machine-id", help="Machine ID (GUID)")(func)
+    func = click.option("-m", "--machine-id", "-i", "--id", help="Machine ID (GUID)")(func)
     func = click.option("-d", "--dns-name", help="Computer DNS Name (FQDN)")(func)
     func = click.option("-W", "--warning", type=float, help="Warning threshold")(func)
     func = click.option("-C", "--critical", type=float, help="Critical threshold")(func)

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/cli/handlers.py RENAMED Viewed

@@ -1,7 +1,6 @@
 """Error handlers and formatters for click CLI."""
 import click
-from typing import Any
 class ClickErrorHandler:

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/services/alerts_service.py RENAMED Viewed

@@ -1,7 +1,7 @@
 """Alerts service implementation."""
-from datetime import datetime
-from typing import Dict, Optional, Any, List
+from typing import Dict, Optional, Any
 from check_msdefender.core.exceptions import ValidationError
 from check_msdefender.core.logging_config import get_verbose_logger

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/services/machines_service.py RENAMED Viewed

@@ -1,7 +1,7 @@
 """Machines service implementation."""
 from typing import Dict, List, Any
-from check_msdefender.core.exceptions import ValidationError
 from check_msdefender.core.logging_config import get_verbose_logger

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/check_msdefender/services/models.py RENAMED Viewed

@@ -2,8 +2,8 @@
 from dataclasses import dataclass
 from datetime import datetime
-from typing import Optional, List
 from enum import Enum
+from typing import Optional
 class OnboardingStatus(Enum):

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/pyproject.toml RENAMED Viewed

@@ -1,16 +1,17 @@
 [build-system]
-requires = ["setuptools>=45", "wheel", "setuptools_scm[toml]>=6.2"]
-build-backend = "setuptools.build_meta"
+requires = [
+    "pdm-backend",
+]
+build-backend = "pdm.backend"
 [project]
 name = "check-msdefender"
-version = "1.1.0"
+version = "1.1.2"
 authors = [
-    {name = "ldvchosal", email = "ldvchosal@github.com"},
+    { name = "ldvchosal", email = "ldvchosal@github.com" },
 ]
 description = "A Nagios plugin for monitoring Microsoft Defender API endpoints"
 readme = "README.md"
-license = {text = "MIT"}
 requires-python = ">=3.9"
 classifiers = [
     "Development Status :: 5 - Production/Stable",
@@ -24,13 +25,23 @@ classifiers = [
     "Topic :: System :: Monitoring",
     "Topic :: System :: Systems Administration",
 ]
-keywords = ["nagios", "monitoring", "microsoft", "graph", "api", "azure"]
+keywords = [
+    "nagios",
+    "monitoring",
+    "microsoft",
+    "graph",
+    "api",
+    "azure",
+]
 dependencies = [
     "nagiosplugin>=1.4.0",
     "azure-identity>=1.12.0",
-    "click>=8.0,<9.0"
+    "click>=8.0,<9.0",
 ]
+[project.license]
+text = "MIT"
 [project.optional-dependencies]
 dev = [
     "pytest>=6.0",
@@ -40,6 +51,7 @@ dev = [
     "flake8>=3.8",
     "mypy>=0.800",
     "twine>=6.2.0",
+    "pdm>=2.0.0",
 ]
 [project.urls]
@@ -52,11 +64,15 @@ Documentation = "https://github.com/lduchosal/check_msdefender/blob/main/README.
 check_msdefender = "check_msdefender.cli:main"
 [tool.setuptools.package-data]
-"*" = ["*.ini"]
+"*" = [
+    "*.ini",
+]
 [tool.black]
 line-length = 100
-target-version = ['py39']
+target-version = [
+    "py39",
+]
 [tool.mypy]
 python_version = "3.9"
@@ -65,8 +81,40 @@ warn_unused_configs = true
 disallow_untyped_defs = true
 [tool.pytest.ini_options]
-testpaths = ["tests"]
+testpaths = [
+    "tests",
+]
 python_files = "test_*.py"
 python_classes = "Test*"
 python_functions = "test_*"
-addopts = "-v"
+addopts = "-v"
+[tool.pdm.scripts]
+format = "black ."
+typecheck = "mypy check_msdefender/"
+lint = "flake8 check_msdefender/"
+build = "python -m build"
+publish = "python -m twine upload dist/* --verbose"
+test = "pytest -v tests/"
+msdhelp = "check_msdefender --help"
+msdmachines = "check_msdefender machines"
+msdlastseen = "check_msdefender lastseen -d $MACHINE"
+msddetail = "check_msdefender detail -d $MACHINE"
+msdalerts = "check_msdefender alerts -d $MACHINE"
+msdvulnerabilities = "check_msdefender vulnerabilities -d $MACHINE"
+msdonboarding = "check_msdefender onboarding -d $MACHINE"
+[tool.pdm.scripts.all]
+composite = [
+    "format",
+    "build",
+    "test",
+    "typecheck",
+    "lint",
+]
+[tool.pdm.scripts.msdall]
+composite = [
+    "msdhelp",
+    "msdmachines",
+]

check_msdefender-1.1.2/tests/fixtures/alerts_data.json ADDED Viewed

@@ -0,0 +1,72 @@
+{
+  "alerts": {
+    "value": [
+      {
+        "severity": "High",
+        "status": "New",
+        "title": "Suspicious activity detected",
+        "alertCreationTime": "2025-09-14T10:22:14.12Z",
+        "firstEventTime": "2025-09-14T10:22:13.7175652Z",
+        "lastEventTime": "2025-09-14T10:22:13.7175652Z",
+        "lastUpdateTime": "2025-09-14T10:24:04.42Z",
+        "machineId": "test-machine-1",
+        "computerDnsName": "test-machine-1.domain.com"
+      },
+      {
+        "severity": "Informational",
+        "status": "New",
+        "title": "Automated investigation started manually",
+        "alertCreationTime": "2025-09-12T21:22:14.12Z",
+        "firstEventTime": "2025-09-12T21:22:13.7175652Z",
+        "lastEventTime": "2025-09-12T21:22:13.7175652Z",
+        "lastUpdateTime": "2025-09-13T01:24:04.42Z",
+        "machineId": "test-machine-1",
+        "computerDnsName": "test-machine-1.domain.com"
+      },
+      {
+        "severity": "Medium",
+        "status": "Resolved",
+        "title": "Malware detected and remediated",
+        "alertCreationTime": "2025-09-10T15:30:45.67Z",
+        "firstEventTime": "2025-09-10T15:30:44.1234567Z",
+        "lastEventTime": "2025-09-10T15:30:44.1234567Z",
+        "lastUpdateTime": "2025-09-11T09:15:22.89Z",
+        "machineId": "test-machine-1",
+        "computerDnsName": "test-machine-1.domain.com"
+      },
+      {
+        "severity": "Informational",
+        "status": "Resolved",
+        "title": "Automated investigation completed",
+        "alertCreationTime": "2025-09-11T15:25:38.54Z",
+        "firstEventTime": "2025-09-11T15:25:38.1183588Z",
+        "lastEventTime": "2025-09-11T15:25:38.1183588Z",
+        "lastUpdateTime": "2025-09-12T11:05:46.9966667Z",
+        "machineId": "test-machine-2",
+        "computerDnsName": "test-machine-2.domain.com"
+      },
+      {
+        "severity": "Low",
+        "status": "New",
+        "title": "Suspicious file execution",
+        "alertCreationTime": "2025-09-13T08:15:22.33Z",
+        "firstEventTime": "2025-09-13T08:15:21.9876543Z",
+        "lastEventTime": "2025-09-13T08:15:21.9876543Z",
+        "lastUpdateTime": "2025-09-13T08:20:11.11Z",
+        "machineId": "test-machine-3",
+        "computerDnsName": "test-machine-3.domain.com"
+      },
+      {
+        "severity": "Informational",
+        "status": "InProgress",
+        "title": "Manual investigation in progress",
+        "alertCreationTime": "2025-09-14T12:45:30.77Z",
+        "firstEventTime": "2025-09-14T12:45:29.1111111Z",
+        "lastEventTime": "2025-09-14T12:45:29.1111111Z",
+        "lastUpdateTime": "2025-09-14T13:00:15.55Z",
+        "machineId": "test-machine-2",
+        "computerDnsName": "test-machine-2.domain.com"
+      }
+    ]
+  }
+}

{check_msdefender-1.1.0 → check_msdefender-1.1.2}/tests/fixtures/mock_defender_client.py RENAMED Viewed

@@ -1,8 +1,8 @@
 """Mock Defender client for fixture tests."""
 import json
-import os
 from pathlib import Path
 from check_msdefender.core.exceptions import ValidationError

check-msdefender 1.1.0__tar.gz → 1.1.2__tar.gz

check-msdefender 1.1.0tar.gz → 1.1.2tar.gz