From 19e75854b0bb8d0c457fb01ce5d638a0cb62aece Mon Sep 17 00:00:00 2001 From: log1-c <24474580+log1-c@users.noreply.github.com> Date: Fri, 22 Mar 2024 09:54:52 +0100 Subject: [PATCH 1/5] threats for computername If ComputerName is set via parameter, ignore all threats that don't belong to it. --- api/threats.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/api/threats.go b/api/threats.go index 47aba2c..0e712bd 100644 --- a/api/threats.go +++ b/api/threats.go @@ -36,7 +36,7 @@ type ThreatInfo struct { MitigationStatusDescription string `json:"mitigationStatusDescription"` } -func (c *Client) GetThreats(values url.Values) (threats []*Threat, err error) { +func (c *Client) GetThreats(values url.Values, computername string) (threats []*Threat, err error) { // nolint: noctx req, err := c.NewRequest("GET", "v2.1/threats?"+values.Encode(), nil) if err != nil { @@ -55,7 +55,9 @@ func (c *Client) GetThreats(values url.Values) (threats []*Threat, err error) { if err != nil { return } - + if computername != "" && computername != t.AgentRealtimeInfo.AgentComputerName { + continue + } threats = append(threats, t) } From 9efb9a5a9689352944626b2a5e76e8764b77de4d Mon Sep 17 00:00:00 2001 From: log1-c <24474580+log1-c@users.noreply.github.com> Date: Fri, 22 Mar 2024 09:55:44 +0100 Subject: [PATCH 2/5] threats for computername --- check.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check.go b/check.go index 934d947..8f73245 100644 --- a/check.go +++ b/check.go @@ -83,7 +83,7 @@ func (c *Config) Run() (rc int, output string, err error) { values.Set("computerName__contains", c.ComputerName) } - threats, err := client.GetThreats(values) + threats, err := client.GetThreats(values, c.ComputerName) if err != nil { return } From 379fe1d3b0288cc9f34b0fafce281126e55a07ea Mon Sep 17 00:00:00 2001 From: Lisa Vossen Date: Mon, 10 Feb 2025 16:29:55 +0100 Subject: [PATCH 3/5] feat: adds ability to search threats by group name and/or group ID --- .gitignore | 2 ++ api/response.go | 1 + api/threats.go | 7 ++++++- check.go | 12 +++++++----- go.mod | 26 ++++++++++++++++++++++++- go.sum | 51 +++++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 92 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index c177d61..4632894 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,8 @@ dist/ check_sentinelone .env* +.vscode/ +launch.json coverage.html coverage.out \ No newline at end of file diff --git a/api/response.go b/api/response.go index 629b6ee..7e32655 100644 --- a/api/response.go +++ b/api/response.go @@ -40,6 +40,7 @@ type JSONError struct { func (c *Client) GetJSONResponse(req *http.Request) (data *ResponseBody, err error) { res, err := c.Do(req) + if err != nil { return } diff --git a/api/threats.go b/api/threats.go index 0e712bd..8a912c2 100644 --- a/api/threats.go +++ b/api/threats.go @@ -36,7 +36,7 @@ type ThreatInfo struct { MitigationStatusDescription string `json:"mitigationStatusDescription"` } -func (c *Client) GetThreats(values url.Values, computername string) (threats []*Threat, err error) { +func (c *Client) GetThreats(values url.Values, computername string, groupID string, groupName string) (threats []*Threat, err error) { // nolint: noctx req, err := c.NewRequest("GET", "v2.1/threats?"+values.Encode(), nil) if err != nil { @@ -57,7 +57,12 @@ func (c *Client) GetThreats(values url.Values, computername string) (threats []* } if computername != "" && computername != t.AgentRealtimeInfo.AgentComputerName { continue + } else if groupID != "" && groupID != t.AgentRealtimeInfo.GroupID { + continue + } else if groupName != "" && groupName != t.AgentRealtimeInfo.GroupName { + continue } + threats = append(threats, t) } diff --git a/check.go b/check.go index 8f73245..d5e818e 100644 --- a/check.go +++ b/check.go @@ -18,6 +18,8 @@ type Config struct { IgnoreInProgress bool SiteName string ComputerName string + GroupID string + GroupName string } func BuildConfigFlags(fs *pflag.FlagSet) (config *Config) { @@ -26,14 +28,13 @@ func BuildConfigFlags(fs *pflag.FlagSet) (config *Config) { fs.StringVarP(&config.ManagementURL, "url", "H", "", "Management URL (e.g. https://your-site.sentinelone.net) (env:SENTINELONE_URL)") fs.StringVarP(&config.AuthToken, "token", "T", "", "API AuthToken (env:SENTINELONE_TOKEN)") - fs.StringVar(&config.SiteName, "site", "", "Only list threats belonging to a named site") - fs.BoolVar(&config.IgnoreInProgress, "ignore-in-progress", false, "Ignore threats, where the incident status is in-progress") - fs.StringVar(&config.ComputerName, "computer-name", "", "Only list threats belonging to the specified computer name") + fs.StringVar(&config.GroupID, "group-id", "", "List threats belonging to the specified groupID") + fs.StringVar(&config.GroupName, "group-name", "", "List threats belonging to the specified group name") return } @@ -83,7 +84,7 @@ func (c *Config) Run() (rc int, output string, err error) { values.Set("computerName__contains", c.ComputerName) } - threats, err := client.GetThreats(values, c.ComputerName) + threats, err := client.GetThreats(values, c.ComputerName, c.GroupID, c.GroupName) if err != nil { return } @@ -121,7 +122,6 @@ func (c *Config) Run() (rc int, output string, err error) { if threat.ThreatInfo.MitigationStatus == "not_mitigated" { notMitigated++ - stateText = "CRITICAL" } else { stateText = "WARNING" @@ -146,6 +146,8 @@ func (c *Config) Run() (rc int, output string, err error) { sb.WriteString(fmt.Sprintf("site %s - ", c.SiteName) + sb.String()) } else if c.ComputerName != "" { sb.WriteString(fmt.Sprintf("Computer %s - ", c.ComputerName) + sb.String()) + } else if c.GroupID != "" { + sb.WriteString(fmt.Sprintf("Group %s - ", c.GroupID) + sb.String()) } // Add perfdata. diff --git a/go.mod b/go.mod index 87099d9..c9e3bef 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/NETWAYS/check_sentinelone -go 1.22 +go 1.22.0 + +toolchain go1.22.1 require ( github.com/NETWAYS/go-check v0.6.2 @@ -11,7 +13,29 @@ require ( ) require ( + github.com/cilium/ebpf v0.17.2 // indirect + github.com/cosiner/argv v0.1.0 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect github.com/davecgh/go-spew v1.1.1 // indirect + github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d // indirect + github.com/go-delve/delve v1.24.0 // indirect + github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62 // indirect + github.com/google/go-dap v0.12.0 // indirect + github.com/hashicorp/golang-lru v1.0.2 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.16 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/rivo/uniseg v0.4.7 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect + github.com/spf13/cobra v1.8.1 // indirect + go.starlark.net v0.0.0-20250205221240-492d3672b3f4 // indirect + golang.org/x/arch v0.14.0 // indirect + golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 // indirect + golang.org/x/sync v0.11.0 // indirect + golang.org/x/sys v0.30.0 // indirect + golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 1b6d964..65bbb6b 100644 --- a/go.sum +++ b/go.sum @@ -1,16 +1,51 @@ github.com/NETWAYS/go-check v0.6.2 h1:H/9Q/+rVzLbSUV/6QS9eDhyMUml7sf67TF4nSuHBwJo= github.com/NETWAYS/go-check v0.6.2/go.mod h1:qx8m3s2Xul9wqfUjrCSArEFkOdtwxIyUmBYYrCkqA/8= +github.com/cilium/ebpf v0.17.2 h1:IQTaTVu0vKA8WTemFuBnxW9YbAwMkJVKHsNHW4lHv/g= +github.com/cilium/ebpf v0.17.2/go.mod h1:9X5VAsIOck/nCAp0+nCSVzub1Q7x+zKXXItTMYfNE+E= +github.com/cosiner/argv v0.1.0 h1:BVDiEL32lwHukgJKP87btEPenzrrHUjajs/8yzaqcXg= +github.com/cosiner/argv v0.1.0/go.mod h1:EusR6TucWKX+zFgtdUsKT2Cvg45K5rtpCcWz4hK06d8= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= +github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d h1:hUWoLdw5kvo2xCsqlsIBMvWUc1QCSsCYD2J2+Fg6YoU= +github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d/go.mod h1:C7Es+DLenIpPc9J6IYw4jrK0h7S9bKj4DNl8+KxGEXU= +github.com/go-delve/delve v1.24.0 h1:M1auuI7kyfXZm5LMDQEqhqr4koKWOzGKhCgwMxsLQfo= +github.com/go-delve/delve v1.24.0/go.mod h1:yNWXOuo4yslMOOj7O8gIRrf/trDBrFy5ZXwJL4ZzOos= +github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62 h1:IGtvsNyIuRjl04XAOFGACozgUD7A82UffYxZt4DWbvA= +github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62/go.mod h1:biJCRbqp51wS+I92HMqn5H8/A0PAhxn2vyOT+JqhiGI= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-dap v0.12.0 h1:rVcjv3SyMIrpaOoTAdFDyHs99CwVOItIJGKLQFQhNeM= +github.com/google/go-dap v0.12.0/go.mod h1:tNjCASCm5cqePi/RVXXWEVqtnNLV1KTWtYOqu6rZNzc= +github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= +github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= +github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= +github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -18,14 +53,30 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +go.starlark.net v0.0.0-20250205221240-492d3672b3f4 h1:eBP+boBfJoGU3irqbxGTcTlKcbNwJCOdbmsnDq56nak= +go.starlark.net v0.0.0-20250205221240-492d3672b3f4/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= +golang.org/x/arch v0.14.0 h1:z9JUEZWr8x4rR0OU6c4/4t6E6jOZ8/QBS2bBYBm4tx4= +golang.org/x/arch v0.14.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= +golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 h1:qNgPs5exUA+G0C96DrPwNrvLSj7GT/9D+3WMWUcUg34= +golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU= golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20211117180635-dee7805ff2e1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f h1:C8gBEOYcNZK84ngc8O5MU4ouNcnlgqsKinp/gLXK0+A= +golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f/go.mod h1:Ng+6E7PnWNge4EifZkPKeQUnm5iyAoH8qQgw3pLCiF4= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From 85840158473575db2f6ffaf267d8341eee1b2622 Mon Sep 17 00:00:00 2001 From: Lisa Vossen Date: Mon, 17 Feb 2025 15:45:02 +0100 Subject: [PATCH 4/5] adds ability to filter by k8s cluster name --- api/threats.go | 9 ++++++++- check.go | 6 +++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/api/threats.go b/api/threats.go index 8a912c2..f1a1610 100644 --- a/api/threats.go +++ b/api/threats.go @@ -9,6 +9,7 @@ import ( type Threat struct { AgentRealtimeInfo AgentRealtimeInfo `json:"agentRealtimeInfo"` ThreatInfo ThreatInfo `json:"threatInfo"` + KubernetesInfo KubernetesInfo `json:"kubernetesInfo"` } type AgentRealtimeInfo struct { @@ -22,6 +23,10 @@ type AgentRealtimeInfo struct { AgentDomain string `json:"AgentDomain"` } +type KubernetesInfo struct { + Cluster string `json:"cluster"` +} + type ThreatInfo struct { ThreatName string `json:"threatName"` Classification string `json:"classification"` @@ -36,7 +41,7 @@ type ThreatInfo struct { MitigationStatusDescription string `json:"mitigationStatusDescription"` } -func (c *Client) GetThreats(values url.Values, computername string, groupID string, groupName string) (threats []*Threat, err error) { +func (c *Client) GetThreats(values url.Values, computername string, groupID string, groupName string, cluster string) (threats []*Threat, err error) { // nolint: noctx req, err := c.NewRequest("GET", "v2.1/threats?"+values.Encode(), nil) if err != nil { @@ -61,6 +66,8 @@ func (c *Client) GetThreats(values url.Values, computername string, groupID stri continue } else if groupName != "" && groupName != t.AgentRealtimeInfo.GroupName { continue + } else if cluster != "" && cluster != t.KubernetesInfo.Cluster { + continue } threats = append(threats, t) diff --git a/check.go b/check.go index d5e818e..4f398dc 100644 --- a/check.go +++ b/check.go @@ -20,6 +20,7 @@ type Config struct { ComputerName string GroupID string GroupName string + Cluster string } func BuildConfigFlags(fs *pflag.FlagSet) (config *Config) { @@ -35,6 +36,7 @@ func BuildConfigFlags(fs *pflag.FlagSet) (config *Config) { "Only list threats belonging to the specified computer name") fs.StringVar(&config.GroupID, "group-id", "", "List threats belonging to the specified groupID") fs.StringVar(&config.GroupName, "group-name", "", "List threats belonging to the specified group name") + fs.StringVar(&config.Cluster, "cluster", "", "List threats belonging to one k8s cluster") return } @@ -84,7 +86,7 @@ func (c *Config) Run() (rc int, output string, err error) { values.Set("computerName__contains", c.ComputerName) } - threats, err := client.GetThreats(values, c.ComputerName, c.GroupID, c.GroupName) + threats, err := client.GetThreats(values, c.ComputerName, c.GroupID, c.GroupName, c.Cluster) if err != nil { return } @@ -148,6 +150,8 @@ func (c *Config) Run() (rc int, output string, err error) { sb.WriteString(fmt.Sprintf("Computer %s - ", c.ComputerName) + sb.String()) } else if c.GroupID != "" { sb.WriteString(fmt.Sprintf("Group %s - ", c.GroupID) + sb.String()) + } else if c.Cluster != "" { + sb.WriteString(fmt.Sprintf("Cluster %s - ", c.Cluster) + sb.String()) } // Add perfdata. From 9742a4ad4831f282124079aab1633b150bd2d32b Mon Sep 17 00:00:00 2001 From: cpunicorns Date: Mon, 17 Feb 2025 16:07:41 +0100 Subject: [PATCH 5/5] tidies up go.mod and go.sum --- go.mod | 23 +---------------------- go.sum | 55 ++----------------------------------------------------- 2 files changed, 3 insertions(+), 75 deletions(-) diff --git a/go.mod b/go.mod index c9e3bef..49d7453 100644 --- a/go.mod +++ b/go.mod @@ -13,29 +13,8 @@ require ( ) require ( - github.com/cilium/ebpf v0.17.2 // indirect - github.com/cosiner/argv v0.1.0 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d // indirect - github.com/go-delve/delve v1.24.0 // indirect - github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62 // indirect - github.com/google/go-dap v0.12.0 // indirect - github.com/hashicorp/golang-lru v1.0.2 // indirect - github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/mattn/go-colorable v0.1.14 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect - github.com/mattn/go-runewidth v0.0.16 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/rivo/uniseg v0.4.7 // indirect - github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/sirupsen/logrus v1.9.3 // indirect - github.com/spf13/cobra v1.8.1 // indirect - go.starlark.net v0.0.0-20250205221240-492d3672b3f4 // indirect - golang.org/x/arch v0.14.0 // indirect - golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 // indirect - golang.org/x/sync v0.11.0 // indirect - golang.org/x/sys v0.30.0 // indirect - golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 65bbb6b..2d3250b 100644 --- a/go.sum +++ b/go.sum @@ -1,51 +1,16 @@ github.com/NETWAYS/go-check v0.6.2 h1:H/9Q/+rVzLbSUV/6QS9eDhyMUml7sf67TF4nSuHBwJo= github.com/NETWAYS/go-check v0.6.2/go.mod h1:qx8m3s2Xul9wqfUjrCSArEFkOdtwxIyUmBYYrCkqA/8= -github.com/cilium/ebpf v0.17.2 h1:IQTaTVu0vKA8WTemFuBnxW9YbAwMkJVKHsNHW4lHv/g= -github.com/cilium/ebpf v0.17.2/go.mod h1:9X5VAsIOck/nCAp0+nCSVzub1Q7x+zKXXItTMYfNE+E= -github.com/cosiner/argv v0.1.0 h1:BVDiEL32lwHukgJKP87btEPenzrrHUjajs/8yzaqcXg= -github.com/cosiner/argv v0.1.0/go.mod h1:EusR6TucWKX+zFgtdUsKT2Cvg45K5rtpCcWz4hK06d8= -github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= -github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d h1:hUWoLdw5kvo2xCsqlsIBMvWUc1QCSsCYD2J2+Fg6YoU= -github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d/go.mod h1:C7Es+DLenIpPc9J6IYw4jrK0h7S9bKj4DNl8+KxGEXU= -github.com/go-delve/delve v1.24.0 h1:M1auuI7kyfXZm5LMDQEqhqr4koKWOzGKhCgwMxsLQfo= -github.com/go-delve/delve v1.24.0/go.mod h1:yNWXOuo4yslMOOj7O8gIRrf/trDBrFy5ZXwJL4ZzOos= -github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62 h1:IGtvsNyIuRjl04XAOFGACozgUD7A82UffYxZt4DWbvA= -github.com/go-delve/liner v1.2.3-0.20231231155935-4726ab1d7f62/go.mod h1:biJCRbqp51wS+I92HMqn5H8/A0PAhxn2vyOT+JqhiGI= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-dap v0.12.0 h1:rVcjv3SyMIrpaOoTAdFDyHs99CwVOItIJGKLQFQhNeM= -github.com/google/go-dap v0.12.0/go.mod h1:tNjCASCm5cqePi/RVXXWEVqtnNLV1KTWtYOqu6rZNzc= -github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= -github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= -github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= -github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= -github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= -github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= -github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= -github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= -github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -53,30 +18,14 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -go.starlark.net v0.0.0-20250205221240-492d3672b3f4 h1:eBP+boBfJoGU3irqbxGTcTlKcbNwJCOdbmsnDq56nak= -go.starlark.net v0.0.0-20250205221240-492d3672b3f4/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= -golang.org/x/arch v0.14.0 h1:z9JUEZWr8x4rR0OU6c4/4t6E6jOZ8/QBS2bBYBm4tx4= -golang.org/x/arch v0.14.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= -golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 h1:qNgPs5exUA+G0C96DrPwNrvLSj7GT/9D+3WMWUcUg34= -golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU= golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= -golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20211117180635-dee7805ff2e1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= -golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f h1:C8gBEOYcNZK84ngc8O5MU4ouNcnlgqsKinp/gLXK0+A= -golang.org/x/telemetry v0.0.0-20250206143958-557cf9c30e9f/go.mod h1:Ng+6E7PnWNge4EifZkPKeQUnm5iyAoH8qQgw3pLCiF4= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=