check-msdefender 1.1.2__py3-none-any.whl → 1.1.4__py3-none-any.whl

check_msdefender/cli/decorators.py

@@ -10,7 +10,9 @@ def common_options(func: Callable[..., Any]) -> Callable[..., Any]:
         "-c", "--config", default="check_msdefender.ini", help="Configuration file path"
     )(func)
     func = click.option("-v", "--verbose", count=True, help="Increase verbosity")(func)
-    func = click.option("-m", "--machine-id", "-i", "--id", help="Machine ID (GUID)")(func)
+    func = click.option("-m", "--machine-id", "-i", "--id", help="Machine ID (GUID)")(
+        func
+    )
     func = click.option("-d", "--dns-name", help="Computer DNS Name (FQDN)")(func)
     func = click.option("-W", "--warning", type=float, help="Warning threshold")(func)
     func = click.option("-C", "--critical", type=float, help="Critical threshold")(func)

check_msdefender/core/auth.py

@@ -20,7 +20,9 @@ def get_authenticator(
     tenant_id = auth_section.get("tenant_id")
 
     if not client_id or not tenant_id:
-        raise ConfigurationError("client_id and tenant_id are required in [auth] section")
+        raise ConfigurationError(
+            "client_id and tenant_id are required in [auth] section"
+        )
 
     # Check for client secret authentication
     client_secret = auth_section.get("client_secret")

check_msdefender/core/defender.py

@@ -13,7 +13,11 @@ class DefenderClient:
     application_json = "application/json"
 
     def __init__(
-        self, authenticator: Any, timeout: int = 5, region: str = "eu3", verbose_level: int = 0
+        self,
+        authenticator: Any,
+        timeout: int = 5,
+        region: str = "eu",
+        verbose_level: int = 0,
     ) -> None:
         """Initialize with authenticator and optional region.
 
@@ -32,12 +36,12 @@ class DefenderClient:
     def _get_base_url(self, region: str) -> str:
         """Get base URL for the specified region."""
         endpoints = {
-            "eu": "https://api-eu.securitycenter.microsoft.com",
-            "eu3": "https://api-eu3.securitycenter.microsoft.com",
-            "us": "https://api.securitycenter.microsoft.com",
-            "uk": "https://api-uk.securitycenter.microsoft.com",
+            "eu": "https://eu.api.security.microsoft.com",
+            "us": "https://us.api.security.microsoft.com",
+            "uk": "https://uk.api.security.microsoft.com",
+            "api": "https://api.security.microsoft.com",
         }
-        return endpoints.get(region, endpoints["eu3"])
+        return endpoints.get(region, endpoints["eu"])
 
     def get_machine_by_dns_name(self, dns_name: str) -> Dict[str, Any]:
         """Get machine information by DNS name."""
@@ -56,7 +60,9 @@ class DefenderClient:
         try:
             start_time = time.time()
             self.logger.info(f"Querying machine by DNS name: {dns_name}")
-            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
+            response = requests.get(
+                url, headers=headers, params=params, timeout=self.timeout
+            )
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)
@@ -151,7 +157,9 @@ class DefenderClient:
         try:
             start_time = time.time()
             self.logger.info("Querying all machines")
-            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
+            response = requests.get(
+                url, headers=headers, params=params, timeout=self.timeout
+            )
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)
@@ -189,7 +197,9 @@ class DefenderClient:
         try:
             start_time = time.time()
             self.logger.info("Querying alerts")
-            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
+            response = requests.get(
+                url, headers=headers, params=params, timeout=self.timeout
+            )
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)

check_msdefender/core/logging_config.py

@@ -36,7 +36,8 @@ class VerboseLogger:
         if self.verbose_level >= 3:
             # Full trace format
             formatter = logging.Formatter(
-                "[%(levelname)s] %(asctime)s %(name)s:%(lineno)d - %(message)s", datefmt="%H:%M:%S"
+                "[%(levelname)s] %(asctime)s %(name)s:%(lineno)d - %(message)s",
+                datefmt="%H:%M:%S",
             )
         elif self.verbose_level >= 2:
             # Debug format
@@ -81,7 +82,9 @@ class VerboseLogger:
         """Log API call details if verbose >= 2."""
         if self.verbose_level >= 2:
             if status_code and response_time:
-                self.logger.debug(f"API {method} {url} -> {status_code} ({response_time:.3f}s)")
+                self.logger.debug(
+                    f"API {method} {url} -> {status_code} ({response_time:.3f}s)"
+                )
             else:
                 self.logger.debug(f"API {method} {url}")
 

check_msdefender/core/nagios.py

@@ -128,7 +128,9 @@ class NagiosPlugin:
 
             # Create Nagios check with custom summary
             # Use 'found' as context name for detail command, otherwise use command name
-            context_name = "found" if self.command_name == "detail" else self.command_name
+            context_name = (
+                "found" if self.command_name == "detail" else self.command_name
+            )
             check = nagiosplugin.Check(
                 DefenderResource(self.command_name, value),
                 DefenderScalarContext(context_name, warning, critical),

check_msdefender/services/alerts_service.py

@@ -53,12 +53,18 @@ class AlertsService:
             or alert.get("computerDnsName") == target_dns_name
         ]
 
-        self.logger.info(f"Found {len(machine_alerts)} alerts for machine {target_dns_name}")
+        self.logger.info(
+            f"Found {len(machine_alerts)} alerts for machine {target_dns_name}"
+        )
 
         # Categorize alerts by status and severity
-        unresolved_alerts = [alert for alert in machine_alerts if alert.get("status") != "Resolved"]
+        unresolved_alerts = [
+            alert for alert in machine_alerts if alert.get("status") != "Resolved"
+        ]
         informational_alerts = [
-            alert for alert in unresolved_alerts if alert.get("severity") == "Informational"
+            alert
+            for alert in unresolved_alerts
+            if alert.get("severity") == "Informational"
         ]
         critical_warning_alerts = [
             alert
@@ -82,7 +88,9 @@ class AlertsService:
                 title = alert.get("title", "Unknown alert")
                 status = alert.get("status", "Unknown")
                 severity = alert.get("severity", "Unknown")
-                details.append(f"{creation_time} - {title} ({status} {severity.lower()})")
+                details.append(
+                    f"{creation_time} - {title} ({status} {severity.lower()})"
+                )
 
         # Return the number of unresolved alerts as the value
         # This will be used by Nagios plugin for determining status based on thresholds
@@ -93,6 +101,8 @@ class AlertsService:
             "details": details,
         }
 
-        self.logger.info(f"Alert analysis complete: {len(unresolved_alerts)} unresolved alerts")
+        self.logger.info(
+            f"Alert analysis complete: {len(unresolved_alerts)} unresolved alerts"
+        )
         self.logger.method_exit("get_result", result)
         return result

check_msdefender/services/detail_service.py

@@ -54,10 +54,16 @@ class DetailService:
             # Create detailed output
             details = []
             details.append(f"Machine ID: {machine_details.get('id', 'Unknown')}")
-            details.append(f"Computer Name: {machine_details.get('computerDnsName', 'Unknown')}")
-            details.append(f"OS Platform: {machine_details.get('osPlatform', 'Unknown')}")
+            details.append(
+                f"Computer Name: {machine_details.get('computerDnsName', 'Unknown')}"
+            )
+            details.append(
+                f"OS Platform: {machine_details.get('osPlatform', 'Unknown')}"
+            )
             details.append(f"OS Version: {machine_details.get('osVersion', 'Unknown')}")
-            details.append(f"Health Status: {machine_details.get('healthStatus', 'Unknown')}")
+            details.append(
+                f"Health Status: {machine_details.get('healthStatus', 'Unknown')}"
+            )
             details.append(f"Risk Score: {machine_details.get('riskScore', 'Unknown')}")
 
             result = {"value": 1, "details": details}

check_msdefender/services/lastseen_service.py

@@ -62,7 +62,9 @@ class LastSeenService:
 
             result = {"value": days_diff, "details": details}
 
-            self.logger.info(f"Machine last seen {days_diff} days ago ({last_seen_str})")
+            self.logger.info(
+                f"Machine last seen {days_diff} days ago ({last_seen_str})"
+            )
             self.logger.method_exit("get_result", result)
             return result
         except (ValueError, TypeError) as e:

check_msdefender/services/machines_service.py

@@ -23,7 +23,10 @@ class MachinesService:
 
         if not machines_data.get("value"):
             self.logger.info("No machines found")
-            result = {"value": 0, "details": ["No machines found in Microsoft Defender"]}
+            result = {
+                "value": 0,
+                "details": ["No machines found in Microsoft Defender"],
+            }
             self.logger.method_exit("get_result", result)
             return result
 
@@ -39,7 +42,11 @@ class MachinesService:
 
         # Sort by priority
         sorted_machines = sorted(
-            machines, key=lambda x: (status_priority[x["onboardingStatus"]], x["computerDnsName"])
+            machines,
+            key=lambda x: (
+                status_priority[x["onboardingStatus"]],
+                x["computerDnsName"],
+            ),
         )
         for machine in sorted_machines:
             onboarded = "✓" if machine["onboardingStatus"] == "Onboarded" else "✗"

check_msdefender/services/onboarding_service.py

@@ -54,6 +54,8 @@ class OnboardingService:
 
         result = {"value": result_value, "details": details}
 
-        self.logger.info(f"Machine onboarding status: {onboarding_state} -> {result_value}")
+        self.logger.info(
+            f"Machine onboarding status: {onboarding_state} -> {result_value}"
+        )
         self.logger.method_exit("get_result", result)
         return result

check_msdefender/services/vulnerabilities_service.py

@@ -41,7 +41,9 @@ class VulnerabilitiesService:
 
         # Process and deduplicate vulnerabilities
         vulnerabilities = self._process_vulnerabilities(raw_vulnerabilities)
-        self.logger.info(f"Found {len(vulnerabilities)} unique vulnerabilities after deduplication")
+        self.logger.info(
+            f"Found {len(vulnerabilities)} unique vulnerabilities after deduplication"
+        )
 
         # Calculate vulnerability score
         score = VulnerabilityScore()
@@ -54,7 +56,9 @@ class VulnerabilitiesService:
 
         for vuln in sorted_vulnerabilities:
             severity = vuln.severity.lower()
-            self.logger.debug(f"Processing vulnerability {vuln.id} with severity: {severity}")
+            self.logger.debug(
+                f"Processing vulnerability {vuln.id} with severity: {severity}"
+            )
 
             if severity == "critical":
                 score.critical += 1
@@ -75,7 +79,8 @@ class VulnerabilitiesService:
         self.logger.info(f"Total vulnerability score: {score.total_score}")
 
         details.insert(
-            0, f"Vulnerabilities: {len(raw_vulnerabilities)}, score: {score.total_score}"
+            0,
+            f"Vulnerabilities: {len(raw_vulnerabilities)}, score: {score.total_score}",
         )
 
         result = {"value": score.total_score, "details": details}
@@ -125,7 +130,9 @@ class VulnerabilitiesService:
         # Sort by severity
         sorted_vulnerabilities = self._sort_by_severity(vulnerabilities)
 
-        self.logger.method_exit("get_detailed_vulnerabilities", len(sorted_vulnerabilities))
+        self.logger.method_exit(
+            "get_detailed_vulnerabilities", len(sorted_vulnerabilities)
+        )
         return sorted_vulnerabilities
 
     def _process_vulnerabilities(
@@ -156,8 +163,11 @@ class VulnerabilitiesService:
 
         return unique_vulnerabilities
 
-    def _sort_by_severity(self, vulnerabilities: List[Vulnerability]) -> List[Vulnerability]:
+    def _sort_by_severity(
+        self, vulnerabilities: List[Vulnerability]
+    ) -> List[Vulnerability]:
         """Sort vulnerabilities by severity (Critical > High > Medium > Low)."""
         return sorted(
-            vulnerabilities, key=lambda v: self._severity_order.get(v.severity.lower(), 999)
+            vulnerabilities,
+            key=lambda v: self._severity_order.get(v.severity.lower(), 999),
         )

{check_msdefender-1.1.2.dist-info → check_msdefender-1.1.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: check-msdefender
-Version: 1.1.2
+Version: 1.1.4
 Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
 Keywords: nagios,monitoring,microsoft,graph,api,azure
 Author-Email: ldvchosal <ldvchosal@github.com>
@@ -32,6 +32,7 @@ Requires-Dist: flake8>=3.8; extra == "dev"
 Requires-Dist: mypy>=0.800; extra == "dev"
 Requires-Dist: twine>=6.2.0; extra == "dev"
 Requires-Dist: pdm>=2.0.0; extra == "dev"
+Requires-Dist: ruff>=0.13.0; extra == "dev"
 Description-Content-Type: text/markdown
 
 # 🛡️ Check MS Defender
@@ -294,7 +295,6 @@ source .venv/bin/activate  # Windows: .venv\Scripts\activate
 
 # Install in development mode
 pip install -e .
-pip install -r requirements-dev.txt
 ```
 
 ### Code Quality Tools

{check_msdefender-1.1.2.dist-info → check_msdefender-1.1.4.dist-info}/RECORD

@@ -1,7 +1,7 @@
-check_msdefender-1.1.2.dist-info/METADATA,sha256=fJ9nhfz8Hx61xVoQ0KR-l7rNaJOCcqxU9YqBB3wrC1g,14071
-check_msdefender-1.1.2.dist-info/WHEEL,sha256=9P2ygRxDrTJz3gsagc0Z96ukrxjr-LFBGOgv3AuKlCA,90
-check_msdefender-1.1.2.dist-info/entry_points.txt,sha256=OqVzHI1PaD9V22g0K7BhA2nYv4O-pH8mcLzuGdsk5rM,79
-check_msdefender-1.1.2.dist-info/licenses/LICENSE,sha256=kW3DwIsKc9HVYdS4f4tI6sLo-EPqBQbz-WmuvHU4Nak,1065
+check_msdefender-1.1.4.dist-info/METADATA,sha256=XGMBO_Ya5rReVoyq3pbxitdBA4S2J1yC_MF9S1XBb_Y,14079
+check_msdefender-1.1.4.dist-info/WHEEL,sha256=9P2ygRxDrTJz3gsagc0Z96ukrxjr-LFBGOgv3AuKlCA,90
+check_msdefender-1.1.4.dist-info/entry_points.txt,sha256=OqVzHI1PaD9V22g0K7BhA2nYv4O-pH8mcLzuGdsk5rM,79
+check_msdefender-1.1.4.dist-info/licenses/LICENSE,sha256=kW3DwIsKc9HVYdS4f4tI6sLo-EPqBQbz-WmuvHU4Nak,1065
 check_msdefender/__init__.py,sha256=HDn1Ub7Ohqkfko0kUPT8w7HqU52jXwo-leSTImO1x_k,161
 check_msdefender/__main__.py,sha256=TuNsRSdnkQm9OdBTAwD5aB2zV_Irc50WgylVWhrfnLY,124
 check_msdefender/check_msdefender.py,sha256=OO4Tg2DBW28AT-2LOH-qJM2pE5TPcF615BF7HjyZsmA,137
@@ -14,21 +14,21 @@ check_msdefender/cli/commands/lastseen.py,sha256=my-kW00ioaFdmec3zjqrLk12kt9Pld8
 check_msdefender/cli/commands/machines.py,sha256=uyQal7P4VI4a3dECFWgXKBiUPcdxhUrpWFOyKHmpORU,1724
 check_msdefender/cli/commands/onboarding.py,sha256=5QSP75uyrX0MQ1ABiGFSDKIzVszLF8U3uQ4bqFF9F2g,1912
 check_msdefender/cli/commands/vulnerabilities.py,sha256=fl8NYAO4Ug2Yk5NmQ6CT9TuibhFHWE01R6YjDIPgYl4,1931
-check_msdefender/cli/decorators.py,sha256=wRUv4vY6SL3nFjpYW9h1M1xDO_pzA6--gCtg3y6MmQM,786
+check_msdefender/cli/decorators.py,sha256=EWgchw56-_ZIYEdwZNZsc5LncSw6obFp1RXKGTknU2E,800
 check_msdefender/cli/handlers.py,sha256=hp_CX_3qPoQGrPPVeiojb2j7tuFMva4ebWg9CxVUiPg,1395
 check_msdefender/core/__init__.py,sha256=naBiEkixiWTuHU3GENk8fqC8H3p_hkzRsmSY2uiM_TQ,47
-check_msdefender/core/auth.py,sha256=7mkGmhGHy4t38O0e4Rz7dQ52xfMbK3IUXMlw3u83aB4,1585
+check_msdefender/core/auth.py,sha256=TDolCrwQoo37poaNUYJC2kgp4QpeH0W9AOathYCIUgw,1607
 check_msdefender/core/config.py,sha256=IoWBL_DB110F4i6hFfli6iFDBXx57dHh32lCuLkcgNk,1170
-check_msdefender/core/defender.py,sha256=XicGQrWuc9UCBr_Vc0SZxNSoZ_OwFXiFwfP_c9-eRtc,8838
+check_msdefender/core/defender.py,sha256=bP0oB_Y9uu1Rx6gZeYc6KDJDcrmUQdgPaHRaswHXa5U,8934
 check_msdefender/core/exceptions.py,sha256=X4s_XM64SEVSs-4mGKqnF8xXwGFY3E0buvkgRNuCCX4,600
-check_msdefender/core/logging_config.py,sha256=27gLjvbP_AgedDQWZQEFfn_CGn5y6HcJQlI5jlxQHow,4067
-check_msdefender/core/nagios.py,sha256=nZSo-1VV57WFSieyRp456tw_OqpjXOoM_MEjnLkgxlE,6600
+check_msdefender/core/logging_config.py,sha256=J4vdxbJBM4LDpbNvjRsVPZcsvW0yfRz7TnkJmOwyjpE,4122
+check_msdefender/core/nagios.py,sha256=uIp_WRkr-27gyjL1YKgzMhfcBmJt-0aSbm5XjtYyAN8,6632
 check_msdefender/services/__init__.py,sha256=_fiKXxcz263IghXn9BnUWDKPgedhUPoSakEN3tBd2SU,44
-check_msdefender/services/alerts_service.py,sha256=poKZw1WKphmtPPnuMDrGRuPQbRLjLDZpo2rhFCh7TDc,4034
-check_msdefender/services/detail_service.py,sha256=i-jXubNfsNf-fS6ba2MQecN886GzU0UC40DwS3HrnnY,3382
-check_msdefender/services/lastseen_service.py,sha256=LiNVeUbAoMzowMvE90P7zCtKFHBLbIDp5mmkVHRLwqs,3128
-check_msdefender/services/machines_service.py,sha256=XTiEctJ2EmZrjPu3xBlFbC_UkkPbUROrPXmqX2bUYss,3059
+check_msdefender/services/alerts_service.py,sha256=XxtP31Zt0WcfkW65YlJgoSVRxRX3yAJ4LTpgx9er-xc,4162
+check_msdefender/services/detail_service.py,sha256=PMoBv_m0udwWdPus5SvDx49V6iP9ERGWg5pX5cGARvA,3472
+check_msdefender/services/lastseen_service.py,sha256=T98Axx4ziUEavibXuG5FB2eHTyAcxktNM1DI4Y5fo1c,3158
+check_msdefender/services/machines_service.py,sha256=XYWnAliNo1DyIvdQ5xcPh133_CaW8U39WGdmiATwZps,3166
 check_msdefender/services/models.py,sha256=CDmQ5vU0-GawIalqXjXNk3rry6gsyjv6eSlW2NiXwQ0,979
-check_msdefender/services/onboarding_service.py,sha256=RIOsvALCoKV0YqnCHKYRkelSPrO-F-6vNBLlto4MpiI,2686
-check_msdefender/services/vulnerabilities_service.py,sha256=ikD6E-hg7LtvCiTg7cTCqGSTly6Wgtql82NJD81D2n0,6812
-check_msdefender-1.1.2.dist-info/RECORD,,
+check_msdefender/services/onboarding_service.py,sha256=5ekrDlt6Vc__28O7b8niY-KPA14Dnw0UbuSgdx7_Lyg,2708
+check_msdefender/services/vulnerabilities_service.py,sha256=DfU6NaAkm-X5BVL3Zfm3lDe21vE-r1ErYh3r8nZLA6I,6926
+check_msdefender-1.1.4.dist-info/RECORD,,