A Nagios plugin for monitoring BitDefender GravityZone API endpoints
Project description
๐ก๏ธ Check BitDefender GravityZone
A comprehensive Nagios plugin for monitoring BitDefender GravityZone for Endpoint API endpoints. Built with modern Python practices and designed for enterprise monitoring environments.
โจ Features
- ๐ Authentication - Support for API Token
- ๐ฏ Multiple Endpoints - Monitor onboarding status, last seen, last scan, and endpoint details
- ๐ Nagios Compatible - Standard exit codes and performance data output
- ๐๏ธ Clean Architecture - Modular design with testable components
- ๐ง Flexible Configuration - File-based configuration with sensible defaults
- ๐ Verbose Logging - Multi-level debugging support
- ๐ Modern Python - Built with Python 3.9+ using type hints and async patterns
๐ Quick Start
Installation
# Create virtual environment (recommended)
python -m venv /usr/local/libexec/nagios/check_bitdefender
source /usr/local/libexec/nagios/check_bitdefender/bin/activate
# Install from source
pip install git+https://github.com/lduchosal/check_bitdefender.git
Basic Usage
# List all endpoints
check_bitdefender endpoints
# Check onboarding status
check_bitdefender onboarding -d endpoint.domain.tld
# Check last seen (days since endpoint last connected)
check_bitdefender lastseen -d endpoint.domain.tld
# Check last scan (days since last antivirus scan)
check_bitdefender lastscan -d endpoint.domain.tld
# Get detailed endpoint info
check_bitdefender detail -d endpoint.domain.tld
๐ Available Commands
| Command | Description | Default Thresholds |
|---|---|---|
endpoints |
List all endpoints | W:10, C:25 |
onboarding |
Check endpoint onboarding status | W:2, C:1 |
lastseen |
Check days since endpoint was last seen | W:7, C:30 |
lastscan |
Check days since endpoint was last scanned | W:7, C:30 |
detail |
Get detailed endpoint information | - |
Onboarding Status Values
0- Onboarded โ1- InsufficientInfo โ ๏ธ2- Unknown โ
โ๏ธ Configuration
Authentication Setup
Create check_bitdefender.ini in your Nagios directory or current working directory:
API Token Authentication
[auth]
token = your-api-token-here
[settings]
timeout = 5
parent_id = your-company-id-here # Optional: specify company/parent ID
BitDefender GravityZone API Setup
- Log into GravityZone Control Center
- Navigate to My Account > API Keys
- Generate a new API key with appropriate permissions
- Copy the API token to your configuration file
๐ง Command Line Options
| Option | Description | Example |
|---|---|---|
-c, --config |
Configuration file path | -c /custom/path/config.ini |
-m, --endpointId |
Endpoint ID (GUID) | -m "12345678-1234-1234-1234-123456789abc" |
-d, --fqdn |
Computer DNS Name (FQDN) | -d "server.domain.com" |
-W, --warning |
Warning threshold | -W 10 |
-C, --critical |
Critical threshold | -C 100 |
-v, --verbose |
Verbosity level | -v, -vv, -vvv |
--version |
Show version | --version |
๐ข Nagios Integration
Command Definitions
# BitDefender GravityZone Commands
define command {
command_name check_bitdefender_onboarding
command_line $USER1$/check_bitdefender/bin/check_bitdefender onboarding -d $HOSTALIAS$
}
define command {
command_name check_bitdefender_lastseen
command_line $USER1$/check_bitdefender/bin/check_bitdefender lastseen -d $HOSTALIAS$ -W 7 -C 30
}
define command {
command_name check_bitdefender_lastscan
command_line $USER1$/check_bitdefender/bin/check_bitdefender lastscan -d $HOSTALIAS$ -W 7 -C 30
}
Service Definitions
# BitDefender GravityZone Services
define service {
use generic-service
service_description BITDEFENDER_ONBOARDING
check_command check_bitdefender_onboarding
hostgroup_name bitdefender
}
define service {
use generic-service
service_description BITDEFENDER_LASTSEEN
check_command check_bitdefender_lastseen
hostgroup_name bitdefender
}
define service {
use generic-service
service_description BITDEFENDER_LASTSCAN
check_command check_bitdefender_lastscan
hostgroup_name bitdefender
}
๐๏ธ Architecture
This plugin follows clean architecture principles with clear separation of concerns:
check_bitdefender/
โโโ ๐ cli/ # Command-line interface
โ โโโ commands/ # Individual command handlers
โ โ โโโ endpoints.py # List endpoints command
โ โ โโโ onboarding.py # Onboarding status command
โ โ โโโ lastseen.py # Last seen command
โ โ โโโ lastscan.py # Last scan command
โ โ โโโ detail.py # Endpoint detail command
โ โโโ decorators.py # Common CLI decorators
โโโ ๐ core/ # Core business logic
โ โโโ auth.py # Authentication management
โ โโโ config.py # Configuration handling
โ โโโ defender.py # BitDefender API client
โ โโโ exceptions.py # Custom exceptions
โ โโโ nagios.py # Nagios plugin framework
โโโ ๐ services/ # Business services
โ โโโ endpoint_service.py # Endpoints business logic
โ โโโ onboarding_service.py # Onboarding check logic
โ โโโ lastseen_service.py # Last seen check logic
โ โโโ lastscan_service.py # Last scan check logic
โ โโโ detail_service.py # Detail retrieval logic
โ โโโ models.py # Data models
โโโ ๐ tests/ # Comprehensive test suite
โโโ unit/ # Unit tests
โโโ integration/ # Integration tests
Key Design Principles
- ๐ฏ Single Responsibility - Each module has one clear purpose
- ๐ Dependency Injection - Easy testing and mocking
- ๐งช Testable - Comprehensive test coverage
- ๐ Extensible - Easy to add new commands and features
- ๐ Secure - No secrets in code, proper credential handling
๐งช Development
Development Setup
# Clone repository
git clone https://github.com/lduchosal/check_bitdefender.git
cd check_bitdefender
# Create development environment
python -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
# Install in development mode
pip install -e .
Code Quality Tools
# Format code
black check_bitdefender/
# Lint code
flake8 check_bitdefender/
# Type checking
mypy check_bitdefender/
# Run tests
pytest tests/ -v --cov=check_bitdefender
Building & Publishing
# Build package
python -m build
# Test installation
pip install dist/*.whl
# Publish to PyPI
python -m twine upload dist/*
๐ Output Examples
Successful Check
DEFENDER OK - Onboarding status: 0 (Onboarded) | onboarding=0;1;2;0;2
Warning State
DEFENDER WARNING - Last seen: 10 days ago | lastseen=10;7;30;0;
Critical State
DEFENDER CRITICAL - Last scan: 35 days ago | lastscan=35;7;30;0;
๐ง Troubleshooting
Common Issues
| Issue | Solution |
|---|---|
| Authentication Errors | Verify BitDefender GravityZone API token |
| Network Connectivity | Check firewall rules for cloudgz.gravityzone.bitdefender.com |
| Import Errors | Ensure all dependencies are installed |
| Configuration Issues | Validate config file syntax and paths |
Debug Mode
Enable verbose logging for detailed troubleshooting:
# Maximum verbosity
check_bitdefender lastseen -d endpoint.domain.tld -vvv
# Check specific configuration
check_bitdefender onboarding -c /path/to/config.ini -d endpoint.domain.tld -vv
Required Network Access
Ensure connectivity to:
cloudgz.gravityzone.bitdefender.com
๐ Exit Codes
| Code | Status | Description |
|---|---|---|
0 |
OK | Value within acceptable range |
1 |
WARNING | Value exceeds warning threshold |
2 |
CRITICAL | Value exceeds critical threshold |
3 |
UNKNOWN | Error occurred during execution |
๐ค Contributing
We welcome contributions! Here's how to get started:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Development Guidelines
- Follow PEP 8 style guide
- Add tests for new features
- Update documentation as needed
- Ensure all tests pass before submitting
๐ License
This project is licensed under the MIT License - see the LICENSE file for details.
๐ Acknowledgments
- Built with nagiosplugin framework
- Powered by Click for CLI interface
- Integrates with BitDefender GravityZone API
โญ Star this repository if you find it useful!
๐ Report Bug โข ๐ก Request Feature โข ๐ Documentation
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
check_bitdefender-1.0.5.tar.gz
(33.4 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file check_bitdefender-1.0.5.tar.gz.
File metadata
- Download URL: check_bitdefender-1.0.5.tar.gz
- Upload date:
- Size: 33.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: pdm/2.25.9 CPython/3.9.23 Darwin/24.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f2784af132c0fbbb3b4e9cf79c5dbf38a650edaa0f7e4da9d09b32eee1bde34c
|
|
| MD5 |
36662dc456faeeca0261f74953984bfb
|
|
| BLAKE2b-256 |
2ba469a9d14f1d43801560daf61625ebdc63eab93d5d5a6d064cee73d3785149
|
File details
Details for the file check_bitdefender-1.0.5-py3-none-any.whl.
File metadata
- Download URL: check_bitdefender-1.0.5-py3-none-any.whl
- Upload date:
- Size: 30.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: pdm/2.25.9 CPython/3.9.23 Darwin/24.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4d04036aeefab95a158f16aa9c0006ad7f5b18b31badb6e6ef2ef3b2eee40a25
|
|
| MD5 |
d00d118d10ebc9253a95572d6935a137
|
|
| BLAKE2b-256 |
1652531deb064920f4149c5dccc8138af3662067de9f4d78731146669fea0d3a
|
