{"id":20541063,"url":"https://github.com/netways/check_sophos_central","last_synced_at":"2026-03-06T03:31:35.237Z","repository":{"id":57542176,"uuid":"292643811","full_name":"NETWAYS/check_sophos_central","owner":"NETWAYS","description":"Icinga check plugin for the status of alerts and endpoints over the API of the Sophos Central cloud service","archived":false,"fork":false,"pushed_at":"2025-01-06T22:54:05.000Z","size":192,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-01-06T23:36:48.740Z","etag":null,"topics":["icinga","monitoring","plugin","sophos"],"latest_commit_sha":null,"homepage":"https://netways.de","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NETWAYS.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-03T18:02:59.000Z","updated_at":"2025-01-06T22:54:03.000Z","dependencies_parsed_at":"2024-06-03T07:56:39.354Z","dependency_job_id":"b962c9f1-2689-4e05-bcc8-059218de52b2","html_url":"https://github.com/NETWAYS/check_sophos_central","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sophos_central","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sophos_central/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sophos_central/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NETWAYS%2Fcheck_sophos_central/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NETWAYS","download_url":"https://codeload.github.com/NETWAYS/check_sophos_central/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234218483,"owners_count":18797935,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["icinga","monitoring","plugin","sophos"],"created_at":"2024-11-16T01:19:09.278Z","updated_at":"2025-09-25T17:30:30.636Z","avatar_url":"https://github.com/NETWAYS.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"check_sophos_central\n====================\n\nCheck the status of alerts and endpoints over the API of the Sophos Central cloud service.\n\nThe plugin currently checks the state of all alerts and endpoints within a tenant, you need to supply API Token\n(ID and secret) for a single tenant.\n\n## Usage\n\n```\nArguments:\n --client-id string API Client ID (env:SOPHOS_CLIENT_ID)\n --client-secret string API Client Secret (env:SOPHOS_CLIENT_SECRET)\n --show-all List all non-ok endpoints\n --page-size uint32 Amount of objects to fetch during each API call (default 100)\n --exclude-alert stringArray Alerts to ignore. Can be used multiple times and supports regex.\n --exclude-endpoint stringArray Endpoints to ignore. Can be used multiple times and supports regex.\n --api string API Base URL (default \"https://api.central.sophos.com\")\n -t, --timeout int Abort the check after n seconds (default 30)\n -d, --debug Enable debug mode\n -v, --verbose Enable verbose mode\n -V, --version Print version and exit\n```\n\n## Example\n\n```\n$ ./check_sophos_central --client-id efce870a-6c53-4a6b-8c49-864894b9d8ee --client-secret thatwouldbeagoodjoke\nCRITICAL - alerts: 2 medium - endpoints: 2 good, 3 bad, 6 suspicious\n\n## Alerts\n2020-09-04 07:31 CEST [medium] TEST (server) PUA detected: 'PsExec' at 'E:\\UserShares$\\Max Mustermann\\Desktop\\PSTools.zip\\PsExec.exe\\FILE:0000'\n2020-09-04 07:31 CEST [medium] TEST (server) PUA detected: 'PsKill' at 'E:\\UserShares$\\Max Mustermann\\Desktop\\PSTools.zip\\pskill.exe'\n\n## Endpoints\nbad: HOST1, HOST2, HOST6\nsuspicious: HOST11, HOST12, HOST13, HOST14, HOST15, ...\n| 'alerts'=0 'alerts_high'=0 'alerts_medium'=0 'alerts_low'=0 'endpoints_total'=11 'endpoints_good'=2 'endpoints_bad'=3 'endpoints_suspicious'=6 'endpoints_unknown'=0\n```\n\n## API Documentation\n\nFull API documentation is available at [developer.sophos.com](https://developer.sophos.com/intro).\n\n## License\n\nCopyright (c) 2020 [NETWAYS GmbH](mailto:info@netways.de) \\\nCopyright (c) 2020 [Markus Frosch](mailto:markus.frosch@netways.de)\n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program. If not, see [gnu.org/licenses](https://www.gnu.org/licenses/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetways%2Fcheck_sophos_central","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetways%2Fcheck_sophos_central","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetways%2Fcheck_sophos_central/lists"}