check-msdefender


| Field | Value |
|-------|-------|
| Name | check-msdefender |
| Version | 1.1.3 |
| Summary | A Nagios plugin for monitoring Microsoft Defender API endpoints |
| Upload time | 2025-09-15 06:34:30 |
| Requires Python | >=3.9 |
| License | MIT |
| Keywords | nagios, monitoring, microsoft, graph, api, azure |
| Requirements | No requirements were recorded. |

# 🛡️ Check MS Defender

[![Python Version](https://img.shields.io/badge/python-3.9+-blue.svg)](https://python.org)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Build Status](https://img.shields.io/badge/build-passing-brightgreen.svg)](https://github.com/lduchosal/check_msdefender)

A comprehensive **Nagios plugin** for monitoring Microsoft Defender for Endpoint API endpoints. Built with modern Python practices and designed for enterprise monitoring environments.

## ✨ Features

- 🔐 **Dual Authentication** - Support for Client Secret and Certificate-based authentication
- 🎯 **Multiple Endpoints** - Monitor onboarding status, last seen, vulnerabilities, alerts, and machine details
- 📊 **Nagios Compatible** - Standard exit codes and performance data output
- 🏗️ **Clean Architecture** - Modular design with testable components
- 🔧 **Flexible Configuration** - File-based configuration with sensible defaults
- 📈 **Verbose Logging** - Multi-level debugging support
- 🐍 **Modern Python** - Built with Python 3.9+ using type hints and async patterns

## 🚀 Quick Start

### Installation

```bash
# Create virtual environment (recommended)
python -m venv /usr/local/libexec/nagios/check_msdefender
source /usr/local/libexec/nagios/check_msdefender/bin/activate

# Install from source
pip install git+https://github.com/lduchosal/check_msdefender.git
```

### Basic Usage

```bash
# Check machine onboarding status
check_msdefender onboarding -d machine.domain.tld

# Check last seen (with custom thresholds)
check_msdefender lastseen -d machine.domain.tld -W 7 -C 30

# Check vulnerabilities
check_msdefender vulnerabilities -d machine.domain.tld -W 10 -C 100

# Check alerts
check_msdefender alerts -d machine.domain.tld -W 1 -C 5

# List all machines
check_msdefender machines

# Get detailed machine info
check_msdefender detail -d machine.domain.tld
```

## 📋 Available Commands

| Command | Description | Default Thresholds |
|---------|-------------|-------------------|
| `onboarding` | Check machine onboarding status | W:1, C:2 |
| `lastseen` | Days since machine last seen | W:7, C:30 |
| `vulnerabilities` | Vulnerability score calculation | W:10, C:100 |
| `alerts` | Count of unresolved alerts | W:1, C:0 |
| `machines` | List all machines | W:10, C:25 |
| `detail` | Get detailed machine information | - |

### Vulnerability Scoring

The vulnerability score is calculated as:
- **Critical vulnerabilities** × 100
- **High vulnerabilities** × 10
- **Medium vulnerabilities** × 5
- **Low vulnerabilities** × 1
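
The weighting above, carried through to a Nagios status line, as an added example that is not the plugin's own code. The record layout (a `severity` field per finding), the function names and the sample records are constructed, and the comparison assumes the standard Nagios range rule in which a bare threshold N alerts only when the value is greater than N; the plugin's own comparison may differ.

```python
from collections import Counter
from typing import Iterable, Mapping, Tuple

# Weights as listed in the README's "Vulnerability Scoring" section.
WEIGHTS = {"Critical": 100, "High": 10, "Medium": 5, "Low": 1}
STATES = {0: "OK", 1: "WARNING", 2: "CRITICAL"}


def tally(records: Iterable[Mapping[str, object]]) -> Counter:
    """Count findings per severity; unrecognised severities are ignored."""
    counts: Counter = Counter()
    for record in records:
        severity = str(record.get("severity", "")).strip().capitalize()
        if severity in WEIGHTS:
            counts[severity] += 1
    return counts


def score(counts: Mapping[str, int]) -> int:
    """Weighted sum: Critical x100, High x10, Medium x5, Low x1."""
    return sum(WEIGHTS[sev] * counts.get(sev, 0) for sev in WEIGHTS)


def evaluate(value: int, warning: int, critical: int) -> int:
    """Map a value to a Nagios exit code.

    ASSUMPTION: standard Nagios range semantics, i.e. a bare threshold N
    alerts only when value > N (the "exceeds" wording of the Exit Codes table).
    """
    if value > critical:
        return 2
    if value > warning:
        return 1
    return 0


def check(records: Iterable[Mapping[str, object]],
          warning: int = 10, critical: int = 100) -> Tuple[int, str]:
    """Return (exit_code, status line with perfdata) for a set of findings."""
    counts = tally(records)
    total = score(counts)
    code = evaluate(total, warning, critical)
    breakdown = ", ".join(
        f"{counts[sev]} {sev}" for sev in WEIGHTS if counts[sev]
    ) or "none"
    # perfdata layout: label=value;warn;crit;min;max (max left empty)
    line = (
        f"DEFENDER {STATES[code]} - Vulnerability score: {total} ({breakdown})"
        f" | vulnerabilities={total};{warning};{critical};0;"
    )
    return code, line


# Constructed sample findings: one Critical and five High.
SAMPLE = [{"id": "EXAMPLE-0001", "severity": "Critical"}] + [
    {"id": f"EXAMPLE-01{i:02d}", "severity": "High"} for i in range(5)
]

if __name__ == "__main__":
    exit_code, status_line = check(SAMPLE)
    print(status_line)
    raise SystemExit(exit_code)
```

Under that assumption a host with a single Critical finding scores exactly 100 and lands on WARNING with the default `-C 100`, so confirm how the plugin treats a value equal to the threshold before tuning `-W`/`-C`.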

### Alert Monitoring

The alerts command monitors unresolved security alerts for a machine:
- **Counts only unresolved alerts** (status ≠ "Resolved")
- **Excludes informational alerts** when critical/warning alerts exist
- **Shows alert details** including creation time, title, and severity
- **Default thresholds**: Warning at 1 alert, Critical at 0 (meaning any alert triggers warning)

### Onboarding Status Values

- `0` - Onboarded ✅
- `1` - InsufficientInfo ⚠️
- `2` - Unknown ❌

## ⚙️ Configuration

### Authentication Setup

Create `check_msdefender.ini` in your Nagios directory or current working directory:

#### Client Secret Authentication
```ini
[auth]
client_id = your-application-client-id
client_secret = your-client-secret
tenant_id = your-azure-tenant-id

[settings]
timeout = 5
```

#### Certificate Authentication
```ini
[auth]
client_id = your-application-client-id
tenant_id = your-azure-tenant-id
certificate_path = /path/to/certificate.pem
private_key_path = /path/to/private_key.pem

[settings]
timeout = 5
```
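
A pre-flight audit for the two `check_msdefender.ini` layouts above, as an added example that is not part of the plugin. Function names and finding texts are hypothetical, and flagging a file that carries both credential types is an assumption, since the page does not say which one the plugin would use.

```python
import configparser
import os
import stat
from typing import List

# Placeholder values copied from the README templates; finding one of them
# means the file was never filled in.
PLACEHOLDERS = {
    "your-application-client-id",
    "your-client-secret",
    "your-azure-tenant-id",
    "/path/to/certificate.pem",
    "/path/to/private_key.pem",
}


def too_open(path: str) -> bool:
    """True when group or other holds any permission bit on the file."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)


def audit_config(path: str) -> List[str]:
    """Return findings for one ini file; an empty list means it passed."""
    # interpolation=None: a client secret may legitimately contain '%'.
    parser = configparser.ConfigParser(interpolation=None)
    try:
        if not parser.read(path):
            return [f"{path}: cannot be read"]
    except configparser.Error as exc:
        return [f"{path}: not valid ini syntax ({type(exc).__name__})"]
    if not parser.has_section("auth"):
        return [f"{path}: missing [auth] section"]

    auth = parser["auth"]
    findings: List[str] = []
    for key in ("client_id", "tenant_id"):
        if not auth.get(key, "").strip():
            findings.append(f"[auth] {key} is missing or empty")

    has_secret = bool(auth.get("client_secret", "").strip())
    cert = auth.get("certificate_path", "").strip()
    key_path = auth.get("private_key_path", "").strip()
    if has_secret and (cert or key_path):
        # ASSUMPTION: the page presents the two layouts as alternatives.
        findings.append("client_secret and certificate settings are both set")
    elif not has_secret and not (cert and key_path):
        findings.append("no complete credential (secret, or certificate + key)")

    for key, value in auth.items():
        if value.strip() in PLACEHOLDERS:
            findings.append(f"[auth] {key} still holds the template placeholder")

    # The ini is itself a secret when it carries client_secret.
    if has_secret and too_open(path):
        findings.append(f"{path} holds client_secret but is group/other accessible")
    if key_path and key_path not in PLACEHOLDERS:
        if not os.path.isfile(key_path):
            findings.append(f"private key {key_path} not found")
        elif too_open(key_path):
            findings.append(f"private key {key_path} is group/other accessible")
    return findings


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "check_msdefender.ini"
    problems = audit_config(target)
    for problem in problems:
        print(problem)
    raise SystemExit(1 if problems else 0)
```

Run it as the account that executes Nagios checks, so a file that account cannot read shows up as a finding rather than as an authentication error at check time.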

### Microsoft Defender API Setup

1. **Register Application** in Azure Active Directory
2. **Grant API Permissions**:
   - `Machine.Read.All`
   - `Vulnerability.Read`
   - `Vulnerability.Read.All`
   - `Alert.Read.All`
3. **Create Authentication** (Secret or Certificate)
4. **Note Credentials** (Client ID, Tenant ID, Secret/Certificate)

📚 [Complete API Setup Guide](https://learn.microsoft.com/en-us/defender-endpoint/api/api-hello-world)

## 🔧 Command Line Options

| Option | Description | Example |
|--------|-------------|---------|
| `-c, --config` | Configuration file path | `-c /custom/path/config.ini` |
| `-m, --machineId` | Machine ID (GUID) | `-m "12345678-1234-1234-1234-123456789abc"` |
| `-d, --computerDnsName` | Computer DNS Name (FQDN) | `-d "server.domain.com"` |
| `-W, --warning` | Warning threshold | `-W 10` |
| `-C, --critical` | Critical threshold | `-C 100` |
| `-v, --verbose` | Verbosity level | `-v`, `-vv`, `-vvv` |
| `--version` | Show version | `--version` |

## 🏢 Nagios Integration

### Command Definitions

```cfg
# Microsoft Defender Commands
define command {
    command_name    check_defender_onboarding
    command_line    $USER1$/check_msdefender/bin/check_msdefender onboarding -d $HOSTALIAS$
}

define command {
    command_name    check_defender_lastseen
    command_line    $USER1$/check_msdefender/bin/check_msdefender lastseen -d $HOSTALIAS$ -W 7 -C 30
}

define command {
    command_name    check_defender_vulnerabilities
    command_line    $USER1$/check_msdefender/bin/check_msdefender vulnerabilities -d $HOSTALIAS$ -W 10 -C 100
}

define command {
    command_name    check_defender_alerts
    command_line    $USER1$/check_msdefender/bin/check_msdefender alerts -d $HOSTALIAS$ -W 1 -C 5
}
```

### Service Definitions

```cfg
# Microsoft Defender Services
define service {
    use                     generic-service
    service_description     DEFENDER_ONBOARDING
    check_command           check_defender_onboarding
    hostgroup_name          msdefender
}

define service {
    use                     generic-service
    service_description     DEFENDER_LASTSEEN
    check_command           check_defender_lastseen
    hostgroup_name          msdefender
}

define service {
    use                     generic-service
    service_description     DEFENDER_VULNERABILITIES
    check_command           check_defender_vulnerabilities
    hostgroup_name          msdefender
}

define service {
    use                     generic-service
    service_description     DEFENDER_ALERTS
    check_command           check_defender_alerts
    hostgroup_name          msdefender
}
```

## 🏗️ Architecture

This plugin follows **clean architecture** principles with clear separation of concerns:

```
check_msdefender/
├── 📁 cli/                     # Command-line interface
│   ├── commands/               # Individual command handlers
│   │   ├── onboarding.py      # Onboarding status command
│   │   ├── lastseen.py        # Last seen command
│   │   ├── vulnerabilities.py # Vulnerabilities command
│   │   ├── alerts.py          # Alerts monitoring command
│   │   ├── machines.py        # List machines command
│   │   └── detail.py          # Machine detail command
│   ├── decorators.py          # Common CLI decorators
│   └── handlers.py            # CLI handlers
├── 📁 core/                    # Core business logic
│   ├── auth.py                # Authentication management
│   ├── config.py              # Configuration handling
│   ├── defender.py            # Defender API client
│   ├── exceptions.py          # Custom exceptions
│   ├── nagios.py              # Nagios plugin framework
│   └── logging_config.py      # Logging configuration
├── 📁 services/                # Business services
│   ├── onboarding_service.py  # Onboarding business logic
│   ├── lastseen_service.py    # Last seen business logic
│   ├── vulnerabilities_service.py # Vulnerability business logic
│   ├── alerts_service.py      # Alerts monitoring business logic
│   ├── machines_service.py    # Machines business logic
│   ├── detail_service.py      # Detail business logic
│   └── models.py              # Data models
└── 📁 tests/                   # Comprehensive test suite
    ├── unit/                   # Unit tests
    ├── integration/            # Integration tests
    └── fixtures/               # Test fixtures
```

### Key Design Principles

- **🎯 Single Responsibility** - Each module has one clear purpose
- **🔌 Dependency Injection** - Easy testing and mocking
- **🧪 Testable** - Comprehensive test coverage
- **📈 Extensible** - Easy to add new commands and features
- **🔒 Secure** - No secrets in code, proper credential handling

## 🧪 Development

### Development Setup

```bash
# Clone repository
git clone https://github.com/lduchosal/check_msdefender.git
cd check_msdefender

# Create development environment
python -m venv .venv
source .venv/bin/activate  # Windows: .venv\Scripts\activate

# Install in development mode
pip install -e .
```

### Code Quality Tools

```bash
# Format code
black check_msdefender/

# Lint code
flake8 check_msdefender/

# Type checking
mypy check_msdefender/

# Run tests
pytest tests/ -v --cov=check_msdefender
```

### Building & Publishing

```bash
# Build package
python -m build

# Test installation
pip install dist/*.whl

# Publish to PyPI
python -m twine upload dist/*
```

## 🔍 Output Examples

### Successful Check
```
DEFENDER OK - Onboarding status: 0 (Onboarded) | onboarding=0;1;2;0;2
```

### Warning State
```
DEFENDER WARNING - Last seen: 10 days ago | lastseen=10;7;30;0;
```

### Critical State
```
DEFENDER CRITICAL - Vulnerability score: 150 (1 Critical, 5 High) | vulnerabilities=150;10;100;0;
```

### Alerts Warning
```
DEFENDER WARNING - Unresolved alerts for machine.domain.com | alerts=2;1;5;0;
Unresolved alerts for machine.domain.com
2025-09-14T10:22:14.12Z - Suspicious activity detected (New high)
2025-09-14T12:00:00.00Z - Malware detection (InProgress medium)
```

## 🔧 Troubleshooting

### Common Issues

| Issue | Solution |
|-------|----------|
| **Authentication Errors** | Verify Azure app permissions and credentials |
| **Network Connectivity** | Check firewall rules for Microsoft endpoints |
| **Import Errors** | Ensure all dependencies are installed |
| **Configuration Issues** | Validate config file syntax and paths |

### Debug Mode

Enable verbose logging for detailed troubleshooting:

```bash
# Maximum verbosity
check_msdefender vulnerabilities -d machine.domain.tld -vvv

# Check specific configuration
check_msdefender onboarding -c /path/to/config.ini -d machine.domain.tld -vv
```

### Required Network Access

Ensure connectivity to:
- `login.microsoftonline.com`
- `api.securitycenter.microsoft.com`
- `api-eu.securitycenter.microsoft.com`
- `api-eu3.securitycenter.microsoft.com`
- `api-uk.securitycenter.microsoft.com`

## 📊 Exit Codes

| Code | Status | Description |
|------|--------|-------------|
| `0` | OK | Value within acceptable range |
| `1` | WARNING | Value exceeds warning threshold |
| `2` | CRITICAL | Value exceeds critical threshold |
| `3` | UNKNOWN | Error occurred during execution |

## 🤝 Contributing

We welcome contributions! Here's how to get started:

1. **Fork** the repository
2. **Create** a feature branch (`git checkout -b feature/amazing-feature`)
3. **Commit** your changes (`git commit -m 'Add amazing feature'`)
4. **Push** to the branch (`git push origin feature/amazing-feature`)
5. **Open** a Pull Request

### Development Guidelines

- Follow [PEP 8](https://pep8.org/) style guide
- Add tests for new features
- Update documentation as needed
- Ensure all tests pass before submitting

## 📄 License

This project is licensed under the **MIT License** - see the [LICENSE](LICENSE) file for details.

## 🙏 Acknowledgments

- Built with [nagiosplugin](https://nagiosplugin.readthedocs.io/) framework
- Uses [Azure Identity SDK](https://docs.microsoft.com/python/api/azure-identity/) for authentication
- Powered by [Click](https://click.palletsprojects.com/) for CLI interface

---

<div align="center">

**[⭐ Star this repository](https://github.com/lduchosal/check_msdefender)** if you find it useful!

[🐛 Report Bug](https://github.com/lduchosal/check_msdefender/issues) • [💡 Request Feature](https://github.com/lduchosal/check_msdefender/issues) • [📖 Documentation](https://github.com/lduchosal/check_msdefender/blob/main/README.md)

</div>
            
