check-msdefender 1.1.10__tar.gz → 1.1.13__tar.gz

Files changed (52) hide show
  1. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/PKG-INFO +1 -1
  2. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/__init__.py +1 -1
  3. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/products_service.py +62 -12
  4. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/pyproject.toml +1 -1
  5. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/LICENSE +0 -0
  6. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/README.md +0 -0
  7. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/__main__.py +0 -0
  8. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/check_msdefender.py +0 -0
  9. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/__init__.py +0 -0
  10. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/__main__.py +0 -0
  11. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/__init__.py +0 -0
  12. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/alerts.py +0 -0
  13. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/detail.py +0 -0
  14. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/lastseen.py +0 -0
  15. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/machines.py +0 -0
  16. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/onboarding.py +0 -0
  17. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/products.py +0 -0
  18. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/commands/vulnerabilities.py +0 -0
  19. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/decorators.py +0 -0
  20. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/cli/handlers.py +0 -0
  21. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/__init__.py +0 -0
  22. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/auth.py +0 -0
  23. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/config.py +0 -0
  24. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/defender.py +0 -0
  25. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/exceptions.py +0 -0
  26. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/logging_config.py +0 -0
  27. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/core/nagios.py +0 -0
  28. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/__init__.py +0 -0
  29. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/alerts_service.py +0 -0
  30. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/detail_service.py +0 -0
  31. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/lastseen_service.py +0 -0
  32. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/machines_service.py +0 -0
  33. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/models.py +0 -0
  34. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/onboarding_service.py +0 -0
  35. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/check_msdefender/services/vulnerabilities_service.py +0 -0
  36. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/__init__.py +0 -0
  37. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/__init__.py +0 -0
  38. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/alerts_data.json +0 -0
  39. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/machine_data.json +0 -0
  40. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/mock_defender_client.py +0 -0
  41. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/test_alerts_service.py +0 -0
  42. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/test_detail_service.py +0 -0
  43. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/test_lastseen_service.py +0 -0
  44. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/test_onboarding_service.py +0 -0
  45. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/test_vulnerabilities_service.py +0 -0
  46. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/fixtures/vulnerability_data.json +0 -0
  47. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/integration/__init__.py +0 -0
  48. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/integration/test_cli_integration.py +0 -0
  49. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/integration/test_lastseen_integration.py +0 -0
  50. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/unit/__init__.py +0 -0
  51. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/unit/test_alerts_service.py +0 -0
  52. {check_msdefender-1.1.10 → check_msdefender-1.1.13}/tests/unit/test_detail_service.py +0 -0
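--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: check-msdefender
- Version: 1.1.10
+ Version: 1.1.13
  Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
  Keywords: nagios,monitoring,microsoft,graph,api,azure
  Author-Email: ldvchosal <ldvchosal@github.com>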
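--- a/check_msdefender/__init__.py
+++ b/check_msdefender/__init__.py
@@ -1,4 +1,4 @@
  """Check Microsoft Defender API endpoints and check values - Nagios plugin."""
- __version__ = "1.1.10"
+ __version__ = "1.1.13"
  __author__ = "ldvchosal"
  __email__ = "ldvchosa@github.com"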
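--- a/check_msdefender/services/products_service.py
+++ b/check_msdefender/services/products_service.py
@@ -6,6 +6,12 @@ from datetime import datetime
  from check_msdefender.core.exceptions import ValidationError
  from check_msdefender.core.logging_config import get_verbose_logger
 
+ class DetailObject:
+ def __init__(self, software: str, data: str, score: int):
+ self.software = software
+ self.data = data
+ self.score = score
+ self.paths: list[str] = []
 
  class ProductsService:
  """Service for checking installed products on machines."""
@@ -60,6 +66,7 @@ class ProductsService:
  cve_id = vulnerability.get("cveId", "Unknown")
  cvss_score = vulnerability.get("cvssScore", 0)
  disk_paths = vulnerability.get("diskPaths", [])
+ registry_paths = vulnerability.get("registryPaths", [])
  severity = vulnerability.get("vulnerabilitySeverityLevel", "Unknown")
 
  software_key = f"{software_name}-{software_version}-{software_vendor}"
@@ -71,12 +78,15 @@ class ProductsService:
  "vendor": software_vendor,
  "cves": [],
  "paths": set(),
+ "registryPaths": set(),
  "max_cvss": 0,
  "severities": set(),
  }
 
- software_vulnerabilities[software_key]["cves"].append(cve_id)
+ cve_info = {"cve_id": cve_id, "severity": severity}
+ software_vulnerabilities[software_key]["cves"].append(cve_info)
  software_vulnerabilities[software_key]["paths"].update(disk_paths)
+ software_vulnerabilities[software_key]["registryPaths"].update(registry_paths)
  software_vulnerabilities[software_key]["max_cvss"] = max(
  software_vulnerabilities[software_key]["max_cvss"], cvss_score
  )
@@ -107,36 +117,76 @@ class ProductsService:
 
  # Create details for output
  details = []
+ total_score = 0
  if software_vulnerabilities:
  summary_line = f"{len(products)} total CVEs (Critical: {critical_count}, High: {high_count}, Medium: {medium_count}, Low: {low_count}), {len(vulnerable_software)} vulnerable software"
  details.append(summary_line)
 
- # Add software details (limit to 10)
- for software in list(software_vulnerabilities.values())[:10]:
+ detail_objects = []
+
+ # Add software details
+ for software in list(software_vulnerabilities.values()):
+ score = 0
+
  cve_count = len(software["cves"])
- unique_cves = list(set(software["cves"]))
+ unique_cves = list(set(cve["cve_id"] for cve in software["cves"]))
  cve_list = ", ".join(unique_cves[:5]) # Show first 5 CVEs
- severity = ", ".join(software["severities"]) # Show first 5 CVEs
+ severities = ", ".join(software["severities"]) # Show first 5 CVEs
+ for cve in software["cves"]:
+ severity = cve["severity"].lower()
+ if severity == "critical":
+ score += 100
+ elif severity == "high":
+ score += 10
+ elif severity == "medium":
+ score += 5
+ elif severity == "low":
+ score += 1
+
  if len(unique_cves) > 5:
  cve_list += f".. (+{len(unique_cves) - 5} more)"
 
- details.append(
- f"{software['name']} {software['version']} ({software['vendor']}) - "
- f"{cve_count} ({severity}) weaknesses ({cve_list})"
+ detail_object = DetailObject(
+ software=f"{software['name']} {software['version']} ({software['vendor']})",
+ data=f"{score} ({cve_count}: {severities}) weaknesses ({cve_list})",
+ score=score
  )
 
+ total_score += score
+
  # Add paths (limit to 4)
  for path in list(software["paths"])[:4]:
- details.append(f" - {path}")
+ detail_object.paths.append(f" - {path}")
+
+ # Indicate if more paths exist
+ if (len(software["paths"]) > 4):
+ detail_object.paths.append(f" - .. (+{len(software['paths']) - 4} more)")
+
+ # Add registry paths if available (limit to 4)
+ for registry_path in list(software["registryPaths"])[:4]:
+ detail_object.paths.append(f" - {registry_path}")
+
+ # Indicate if more registry paths exist
+ if (len(software["registryPaths"]) > 4):
+ detail_object.paths.append(f" - .. (+{len(software['registryPaths']) - 4} more)")
+
+ # Collect detail objects for sorting
+ detail_objects.append(detail_object)
+
+ # Sort detail objects by score descending
+ detail_objects.sort(key=lambda x: x.score, reverse=True)
+
+ # Limit to top 10
+ for detail_object in detail_objects[:10]:
+ details.append(f"{detail_object.software} {detail_object.data}")
+ details.extend(detail_object.paths)
 
  # Determine the value based on severity:
  # - Critical vulnerabilities trigger critical threshold
  # - High/Medium vulnerabilities trigger warning threshold
  # - Low vulnerabilities or no vulnerabilities are OK
-
- value = (critical_count * 100) + (high_count *10) + (medium_count*5) + (low_count*1)
  result = {
- "value": value,
+ "value": total_score,
  "details": details,
  "vulnerable_count": len(vulnerable_software),
  "critical_count": critical_count,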
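Review bot: In the scoring loop at new lines 135-144, `cve["severity"].lower()` raises AttributeError if the API returns `vulnerabilitySeverityLevel` as JSON null, because the `.get(..., "Unknown")` at new line 70 only supplies the default when the key is absent; whether the API can send null is not visible here, but the guard is cheap: `severity = (cve["severity"] or "").lower()`. The same loop adds to `score` for every entry in `software["cves"]`, while `unique_cves` is deduplicated only for display, so a CVE reported twice under one software key would count twice in `value`, which appears to be what the plugin's thresholds are compared against (inferred from the comment at new lines 184-187). The trailing comment `# Show first 5 CVEs` on the `severities` line is a leftover and does not describe that line. The enclosing method begins and ends outside these hunks.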
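--- a/pyproject.toml
+++ b/pyproject.toml
@@ -38,7 +38,7 @@ dependencies = [
  "azure-identity>=1.12.0",
  "click>=8.0,<9.0",
  ]
- version = "1.1.10"
+ version = "1.1.13"
 
  [project.license]
  text = "MIT"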