PyPI - check-msdefender - Versions diffs - 1.1.10__py3-none-any.whl → 1.1.13__py3-none-any.whl - Mend

check-msdefender 1.1.10py3-none-any.whl → 1.1.13py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

check_msdefender/__init__.py CHANGED Viewed

@@ -1,4 +1,4 @@
 """Check Microsoft Defender API endpoints and check values - Nagios plugin."""
-__version__ = "1.1.10"
+__version__ = "1.1.13"
 __author__ = "ldvchosal"
 __email__ = "ldvchosa@github.com"

check_msdefender/services/products_service.py CHANGED Viewed

@@ -6,6 +6,12 @@ from datetime import datetime
 from check_msdefender.core.exceptions import ValidationError
 from check_msdefender.core.logging_config import get_verbose_logger
+class DetailObject:
+    def __init__(self, software: str, data: str, score: int):
+        self.software = software
+        self.data = data
+        self.score = score
+        self.paths: list[str] = []
 class ProductsService:
     """Service for checking installed products on machines."""
@@ -60,6 +66,7 @@ class ProductsService:
             cve_id = vulnerability.get("cveId", "Unknown")
             cvss_score = vulnerability.get("cvssScore", 0)
             disk_paths = vulnerability.get("diskPaths", [])
+            registry_paths = vulnerability.get("registryPaths", [])
             severity = vulnerability.get("vulnerabilitySeverityLevel", "Unknown")
             software_key = f"{software_name}-{software_version}-{software_vendor}"
@@ -71,12 +78,15 @@ class ProductsService:
                     "vendor": software_vendor,
                     "cves": [],
                     "paths": set(),
+                    "registryPaths": set(),
                     "max_cvss": 0,
                     "severities": set(),
                 }
-            software_vulnerabilities[software_key]["cves"].append(cve_id)
+            cve_info = {"cve_id": cve_id, "severity": severity}
+            software_vulnerabilities[software_key]["cves"].append(cve_info)
             software_vulnerabilities[software_key]["paths"].update(disk_paths)
+            software_vulnerabilities[software_key]["registryPaths"].update(registry_paths)
             software_vulnerabilities[software_key]["max_cvss"] = max(
                 software_vulnerabilities[software_key]["max_cvss"], cvss_score
             )
@@ -107,36 +117,76 @@ class ProductsService:
         # Create details for output
         details = []
+        total_score = 0
         if software_vulnerabilities:
             summary_line = f"{len(products)} total CVEs (Critical: {critical_count}, High: {high_count}, Medium: {medium_count}, Low: {low_count}), {len(vulnerable_software)} vulnerable software"
             details.append(summary_line)
-            # Add software details (limit to 10)
-            for software in list(software_vulnerabilities.values())[:10]:
+            detail_objects = []
+            # Add software details
+            for software in list(software_vulnerabilities.values()):
+                score = 0
                 cve_count = len(software["cves"])
-                unique_cves = list(set(software["cves"]))
+                unique_cves = list(set(cve["cve_id"] for cve in software["cves"]))
                 cve_list = ", ".join(unique_cves[:5])  # Show first 5 CVEs
-                severity = ", ".join(software["severities"])  # Show first 5 CVEs
+                severities = ", ".join(software["severities"])  # Show first 5 CVEs
+                for cve in software["cves"]:
+                    severity = cve["severity"].lower()
+                    if severity == "critical":
+                        score += 100
+                    elif severity == "high":
+                        score += 10
+                    elif severity == "medium":
+                        score += 5
+                    elif severity == "low":
+                        score += 1
                 if len(unique_cves) > 5:
                     cve_list += f".. (+{len(unique_cves) - 5} more)"
-                details.append(
-                    f"{software['name']} {software['version']} ({software['vendor']}) - "
-                    f"{cve_count} ({severity}) weaknesses ({cve_list})"
+                detail_object = DetailObject(
+                    software=f"{software['name']} {software['version']} ({software['vendor']})",
+                    data=f"{score} ({cve_count}: {severities}) weaknesses ({cve_list})",
+                    score=score
                 )
+                total_score += score
                 # Add paths (limit to 4)
                 for path in list(software["paths"])[:4]:
-                    details.append(f" - {path}")
+                    detail_object.paths.append(f" - {path}")
+                # Indicate if more paths exist
+                if (len(software["paths"]) > 4):
+                    detail_object.paths.append(f" - .. (+{len(software['paths']) - 4} more)")
+                # Add registry paths if available (limit to 4)
+                for registry_path in list(software["registryPaths"])[:4]:
+                    detail_object.paths.append(f" - {registry_path}")
+                # Indicate if more registry paths exist
+                if (len(software["registryPaths"]) > 4):
+                    detail_object.paths.append(f" - .. (+{len(software['registryPaths']) - 4} more)")
+                # Collect detail objects for sorting
+                detail_objects.append(detail_object)
+            # Sort detail objects by score descending
+            detail_objects.sort(key=lambda x: x.score, reverse=True)
+            # Limit to top 10
+            for detail_object in detail_objects[:10]:
+                details.append(f"{detail_object.software} {detail_object.data}")
+                details.extend(detail_object.paths)
         # Determine the value based on severity:
         # - Critical vulnerabilities trigger critical threshold
         # - High/Medium vulnerabilities trigger warning threshold
         # - Low vulnerabilities or no vulnerabilities are OK
-        value = (critical_count * 100) + (high_count *10) + (medium_count*5) + (low_count*1)
         result = {
-            "value": value,
+            "value": total_score,
             "details": details,
             "vulnerable_count": len(vulnerable_software),
             "critical_count": critical_count,

{check_msdefender-1.1.10.dist-info → check_msdefender-1.1.13.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: check-msdefender
-Version: 1.1.10
+Version: 1.1.13
 Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
 Keywords: nagios,monitoring,microsoft,graph,api,azure
 Author-Email: ldvchosal <ldvchosal@github.com>

{check_msdefender-1.1.10.dist-info → check_msdefender-1.1.13.dist-info}/RECORD RENAMED Viewed

@@ -1,8 +1,8 @@
-check_msdefender-1.1.10.dist-info/METADATA,sha256=uYW5ttbZmmh_zIglbRmKeGJlJ20UgkVMYFOsMyKJSxk,14799
-check_msdefender-1.1.10.dist-info/WHEEL,sha256=9P2ygRxDrTJz3gsagc0Z96ukrxjr-LFBGOgv3AuKlCA,90
-check_msdefender-1.1.10.dist-info/entry_points.txt,sha256=OqVzHI1PaD9V22g0K7BhA2nYv4O-pH8mcLzuGdsk5rM,79
-check_msdefender-1.1.10.dist-info/licenses/LICENSE,sha256=kW3DwIsKc9HVYdS4f4tI6sLo-EPqBQbz-WmuvHU4Nak,1065
-check_msdefender/__init__.py,sha256=HJ0WhYzGXOqU1QtDqumM6mqkzvD4sBZGTuNLZlYAZMQ,161
+check_msdefender-1.1.13.dist-info/METADATA,sha256=0Q-iA8dDNV1SNQtUQrErNSWYtN9g4m6HBm4Kg5VJ5Iw,14799
+check_msdefender-1.1.13.dist-info/WHEEL,sha256=9P2ygRxDrTJz3gsagc0Z96ukrxjr-LFBGOgv3AuKlCA,90
+check_msdefender-1.1.13.dist-info/entry_points.txt,sha256=OqVzHI1PaD9V22g0K7BhA2nYv4O-pH8mcLzuGdsk5rM,79
+check_msdefender-1.1.13.dist-info/licenses/LICENSE,sha256=kW3DwIsKc9HVYdS4f4tI6sLo-EPqBQbz-WmuvHU4Nak,1065
+check_msdefender/__init__.py,sha256=flO_r0jW8XydeZP3cNFvpdRHm3iCT45ypdkNB8EXrRU,161
 check_msdefender/__main__.py,sha256=TuNsRSdnkQm9OdBTAwD5aB2zV_Irc50WgylVWhrfnLY,124
 check_msdefender/check_msdefender.py,sha256=OO4Tg2DBW28AT-2LOH-qJM2pE5TPcF615BF7HjyZsmA,137
 check_msdefender/cli/__init__.py,sha256=NWaS5ZI9_252AcReugF_WGPMOvQ_B7sC_s3pSrGujcI,291
@@ -31,6 +31,6 @@ check_msdefender/services/lastseen_service.py,sha256=LiNVeUbAoMzowMvE90P7zCtKFHB
 check_msdefender/services/machines_service.py,sha256=KLRwltpYtwg_qtW6BGIxlH-PB9LcnEyW-i3C4RGSD30,3238
 check_msdefender/services/models.py,sha256=CDmQ5vU0-GawIalqXjXNk3rry6gsyjv6eSlW2NiXwQ0,979
 check_msdefender/services/onboarding_service.py,sha256=RIOsvALCoKV0YqnCHKYRkelSPrO-F-6vNBLlto4MpiI,2686
-check_msdefender/services/products_service.py,sha256=fZHk6QPmIBMtLf52IjOX_yh7dSwMC22TcZzU9v3KfFo,6751
+check_msdefender/services/products_service.py,sha256=AqzBJuAg-bAmku8ziGqkoUe_bRkrVpi0nifaLklIxQc,8881
 check_msdefender/services/vulnerabilities_service.py,sha256=LuRRQlFt-K82tGUhLCx_QCOp4CbBgSp7fktmeSSoa9o,6838
-check_msdefender-1.1.10.dist-info/RECORD,,
+check_msdefender-1.1.13.dist-info/RECORD,,

{check_msdefender-1.1.10.dist-info → check_msdefender-1.1.13.dist-info}/WHEEL RENAMED Viewed

File without changes

{check_msdefender-1.1.10.dist-info → check_msdefender-1.1.13.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{check_msdefender-1.1.10.dist-info → check_msdefender-1.1.13.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

check-msdefender 1.1.10__py3-none-any.whl → 1.1.13__py3-none-any.whl

check-msdefender 1.1.10py3-none-any.whl → 1.1.13py3-none-any.whl