{"id":20541057,"url":"https://github.com/netways/check_sentinelone","last_synced_at":"2025-04-14T08:38:37.216Z","repository":{"id":42557662,"uuid":"292860996","full_name":"NETWAYS/check_sentinelone","owner":"NETWAYS","description":"Monitoring plugin (Icinga/Nagios compatible) to check the presence of threats on the SentinelOne Cloud service","archived":false,"fork":false,"pushed_at":"2025-03-10T10:56:23.000Z","size":182,"stargazers_count":2,"open_issues_count":1,"forks_count":4,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-03-27T22:11:12.536Z","etag":null,"topics":["icinga","monitoring","sentinelone"],"latest_commit_sha":null,"homepage":"https://netways.de","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NETWAYS.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-04T13:55:29.000Z","updated_at":"2025-03-10T10:56:21.000Z","dependencies_parsed_at":"2024-05-06T11:54:52.507Z","dependency_job_id":"1dc9f4a6-a983-4060-a700-1caf7ac83775","html_url":"https://github.com/NETWAYS/check_sentinelone","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sentinelone","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sentinelone/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sentinelone/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sentinelone/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NETWAYS","download_url":"https://codeload.github.com/NETWAYS/check_sentinelone/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248847563,"owners_count":21171203,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["icinga","monitoring","sentinelone"],"created_at":"2024-11-16T01:19:06.273Z","updated_at":"2025-04-14T08:38:37.188Z","avatar_url":"https://github.com/NETWAYS.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"check_sentinelone\n=================\n\nCheck for threats on the SentinelOne Cloud service.\n\nYou need to provide the URL of your instance and an authentication token, which is user specific.\nIt is recommended to create a new user with \"Viewer\" permissions only.\n\nThreats will be listed until their incident state has been resolved, or with the `--ignore-in-progress` flag, is no\nlonger \"unresolved\". Mitigated threats appear as warning.\n\n## Usage\n\n```\nArguments:\n  -H, --url string             Management URL (e.g. https://your-site.sentinelone.net) (env:SENTINELONE_URL)\n  -T, --token string           API AuthToken (env:SENTINELONE_TOKEN)\n      --site string            Only list threats belonging to a named site\n      --ignore-in-progress     Ignore threats, where the incident status is in-progress\n      --computer-name string   Only list threats belonging to the specified computer name\n  -t, --timeout int            Abort the check after n seconds (default 30)\n  -d, --debug                  Enable debug mode\n  -v, --verbose                Enable verbose mode\n  -V, --version                Print version and exit\n```\n\n## Example\n\n```\n$ check_sentinelone --url https://your-site.sentinelone.net --token secret --site Customer\nCRITICAL - site Customer - 13 threats found, 3 not mitigated\n\n## Your Account / Customer / Default Group\n\n[2020-08-12 12:59 CEST] [WARNING] fileserver: (Downloader) PDFCreator-1_9_4-setup.exe (Marked as benign)\n[2020-07-03 08:23 CEST] [WARNING] fileserver: (PUA) cdbxp_setup_4.5.7.6321.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 2-1.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 4-0.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 7-0.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 13-0.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 1-0.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 14-0.exe (Mitigated)\n[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 12-0.exe (Mitigated)\n[2020-07-02 22:05 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)\n[2020-07-02 22:05 CEST] [WARNING] fileserver: (Adware) cdbxp_setup_4-{DFBDE0DF-DBEC-4437-A6D6-76CD670E9503}-v297222.exe (Mitigated)\n[2020-07-02 21:58 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)\n[2020-07-02 21:58 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)\n| threats=13 threats_not_mitigated=3\n```\n\n## API Documentation\n\nFull API documentation is available in `api-docs` under your Sentinel One dashboard.\n\nThis is only available for customers as fair as we know.\n\n## License\n\nCopyright (c) 2020 [NETWAYS GmbH](mailto:info@netways.de) \\\nCopyright (c) 2020 [Markus Frosch](mailto:markus.frosch@netways.de)\n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program.  If not, see [gnu.org/licenses](https://www.gnu.org/licenses/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetways%2Fcheck_sentinelone","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetways%2Fcheck_sentinelone","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetways%2Fcheck_sentinelone/lists"}