https://github.com/eigenein/mdatp-diagnostic-parser

Parser for Microsoft Defender real-time protection statistics
https://github.com/eigenein/mdatp-diagnostic-parser

microsoft-defender rust-application

Last synced: 6 months ago
JSON representation

Parser for Microsoft Defender real-time protection statistics

• Host: GitHub
• URL: https://github.com/eigenein/mdatp-diagnostic-parser
• Owner: eigenein
• License: mit
• Created: 2024-01-25T18:24:43.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-01-25T21:13:12.000Z (over 1 year ago)
• Last Synced: 2025-03-28T01:51:49.141Z (7 months ago)
• Topics: microsoft-defender, rust-application
• Language: Rust
• Homepage: https://crates.io/crates/mdatp-diagnostic-parser
• Size: 498 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# `mdatp-diagnostic-parser`

Revamp of the official [`high_cpu_parser.py`](https://github.com/microsoft/mdatp-xplat/blob/master/linux/diagnostic/high_cpu_parser.py). This project is not affiliated with Microsoft.

![Screenshot](screenshot.png)

## Installation

```shell

cargo install mdatp-diagnostic-parser

```

## Usage

```shell

mdatp diagnostic real-time-protection-statistics --output=json | mdatp-diagnostic-parser -

```

## Options

```text

Usage: mdatp-diagnostic-parser [OPTIONS] 

Arguments:

  

          File to parse or `-` for the standard input

Options:

  -a, --aggregate-by 

          Aggregation

          

          [default: name]

          Possible values:

          - none: Do not aggregate

          - name: By process name

          - path: By executable path

  -s, --sort-by 

          Sorting

          

          [default: total-files-scanned]

          Possible values:

          - none:                Do not sort

          - total-files-scanned: By total files scanned

          - max-file-scan-time:  By maximum file scanning time

          - total-scan-time:     By total scanning time

  -l, --limit 

          Print at maximum this number of rows

      --ascending

          Print in ascending order (by default, print in descending order)

      --only-active

          List only active processes (as reported by MDATP)

      --only-running

          List only running processes

  -h, --help

          Print help (see a summary with '-h')

  -V, --version

          Print version

```