check-msdefender 1.1.16__tar.gz → 1.2.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/PKG-INFO +1 -1
  2. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/__init__.py +1 -1
  3. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/defender.py +3 -3
  4. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/machines_service.py +3 -3
  5. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/products_service.py +6 -6
  6. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/pyproject.toml +1 -1
  7. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/LICENSE +0 -0
  8. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/README.md +0 -0
  9. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/__main__.py +0 -0
  10. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/check_msdefender.py +0 -0
  11. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/__init__.py +0 -0
  12. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/__main__.py +0 -0
  13. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/__init__.py +0 -0
  14. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/alerts.py +0 -0
  15. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/detail.py +0 -0
  16. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/lastseen.py +0 -0
  17. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/machines.py +0 -0
  18. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/onboarding.py +0 -0
  19. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/products.py +0 -0
  20. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/commands/vulnerabilities.py +0 -0
  21. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/decorators.py +0 -0
  22. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/cli/handlers.py +0 -0
  23. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/__init__.py +0 -0
  24. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/auth.py +0 -0
  25. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/config.py +0 -0
  26. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/exceptions.py +0 -0
  27. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/logging_config.py +0 -0
  28. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/nagios.py +0 -0
  29. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/__init__.py +0 -0
  30. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/alerts_service.py +0 -0
  31. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/detail_service.py +0 -0
  32. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/lastseen_service.py +0 -0
  33. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/models.py +0 -0
  34. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/onboarding_service.py +0 -0
  35. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/vulnerabilities_service.py +0 -0
  36. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/__init__.py +0 -0
  37. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/__init__.py +0 -0
  38. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/alerts_data.json +0 -0
  39. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/machine_data.json +0 -0
  40. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/mock_defender_client.py +0 -0
  41. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/test_alerts_service.py +0 -0
  42. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/test_detail_service.py +0 -0
  43. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/test_lastseen_service.py +0 -0
  44. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/test_onboarding_service.py +0 -0
  45. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/test_vulnerabilities_service.py +0 -0
  46. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/fixtures/vulnerability_data.json +0 -0
  47. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/integration/__init__.py +0 -0
  48. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/integration/test_cli_integration.py +0 -0
  49. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/integration/test_lastseen_integration.py +0 -0
  50. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/unit/__init__.py +0 -0
  51. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/unit/test_alerts_service.py +0 -0
  52. {check_msdefender-1.1.16 → check_msdefender-1.2.1}/tests/unit/test_detail_service.py +0 -0
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: check-msdefender
3
- Version: 1.1.16
3
+ Version: 1.2.1
4
4
  Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
5
5
  Keywords: nagios,monitoring,microsoft,graph,api,azure
6
6
  Author-Email: ldvchosal <ldvchosal@github.com>
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/__init__.py RENAMED
@@ -1,4 +1,4 @@
1
1
  """Check Microsoft Defender API endpoints and check values - Nagios plugin."""
2
- __version__ = "1.1.16"
2
+ __version__ = "1.2.1"
3
3
  __author__ = "ldvchosal"
4
4
  __email__ = "ldvchosa@github.com"
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/core/defender.py RENAMED
@@ -225,14 +225,14 @@ class DefenderClient:
225
225
 
226
226
  token = self._get_token()
227
227
 
228
- # Use the TVM API endpoint for products
229
- url = f"{self.base_url}/api/machines/SoftwareVulnerabilitiesByMachine"
228
+ # Use the TVM API endpoint for vulnerabilities by machine
229
+ url = f"{self.base_url}/api/vulnerabilities/machinesVulnerabilities"
230
230
  headers = {
231
231
  "Authorization": f"Bearer {token}",
232
232
  "Content-Type": DefenderClient.application_json,
233
233
  }
234
234
 
235
- params = {"pageIndex": "1", "pageSize": "50000"}
235
+ params = {"$top": "10000"}
236
236
 
237
237
  try:
238
238
  start_time = time.time()
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/machines_service.py RENAMED
@@ -40,13 +40,13 @@ class MachinesService:
40
40
 
41
41
  # Liat machines
42
42
  # Define the sort order
43
- status_priority = {"Onboarded": 1, "InsufficientInfo": 2, "Unsupported": 3}
43
+ status_priority = {"Onboarded": 1, "InsufficientInfo": 2, "Unsupported": 3, "CanBeOnboarded": 4}
44
44
 
45
- # Sort by priority
45
+ # Sort by priority (unknown statuses get priority 99)
46
46
  sorted_machines = sorted(
47
47
  machines,
48
48
  key=lambda x: (
49
- status_priority[x["onboardingStatus"] or ""],
49
+ status_priority.get(x["onboardingStatus"] or "", 99),
50
50
  x["computerDnsName"] or "",
51
51
  ),
52
52
  )
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/check_msdefender/services/products_service.py RENAMED
@@ -54,7 +54,7 @@ class ProductsService:
54
54
  products_data = self.defender.get_products()
55
55
  all_products = products_data.get("value", [])
56
56
  products = [
57
- product for product in all_products if product.get("deviceId") == target_machine_id
57
+ product for product in all_products if product.get("machineId") == target_machine_id
58
58
  ]
59
59
 
60
60
  self.logger.info(f"Found {len(products)} vulnerabilities for machine {target_dns_name}")
@@ -62,14 +62,14 @@ class ProductsService:
62
62
  # Group vulnerabilities by software
63
63
  software_vulnerabilities = {}
64
64
  for vulnerability in products:
65
- software_name = vulnerability.get("softwareName", "Unknown")
66
- software_version = vulnerability.get("softwareVersion", "Unknown")
67
- software_vendor = vulnerability.get("softwareVendor", "Unknown")
65
+ software_name = vulnerability.get("productName", "Unknown")
66
+ software_version = vulnerability.get("productVersion", "Unknown")
67
+ software_vendor = vulnerability.get("productVendor", "Unknown")
68
68
  cve_id = vulnerability.get("cveId", "Unknown")
69
69
  cvss_score = vulnerability.get("cvssScore", 0)
70
70
  disk_paths = vulnerability.get("diskPaths", [])
71
71
  registry_paths = vulnerability.get("registryPaths", [])
72
- severity = vulnerability.get("vulnerabilitySeverityLevel", "Unknown")
72
+ severity = vulnerability.get("severity", "Unknown")
73
73
 
74
74
  software_key = f"{software_name}-{software_version}-{software_vendor}"
75
75
 
@@ -101,7 +101,7 @@ class ProductsService:
101
101
  low_count = 0
102
102
 
103
103
  for vulnerability in products:
104
- severityLevel = vulnerability.get("vulnerabilitySeverityLevel", "Unknown")
104
+ severityLevel = vulnerability.get("severity", "Unknown")
105
105
  severity = (severityLevel or "Unknown").lower()
106
106
  if severity == "critical":
107
107
  critical_count += 1
{check_msdefender-1.1.16 → check_msdefender-1.2.1}/pyproject.toml RENAMED
@@ -39,7 +39,7 @@ dependencies = [
39
39
  "azure-identity>=1.12.0",
40
40
  "click>=8.0,<9.0",
41
41
  ]
42
- version = "1.1.16"
42
+ version = "1.2.1"
43
43
 
44
44
  [project.license]
45
45
  text = "MIT"