A comprehensive Nagios plugin for monitoring BitDefender GravityZone for Endpoint API endpoints. Built with modern Python practices and designed for enterprise monitoring environments.
- π Authentication - Support for API Token
- π― Multiple Endpoints - Monitor onboarding status, last seen, last scan, and endpoint details
- π Nagios Compatible - Standard exit codes and performance data output
- ποΈ Clean Architecture - Modular design with testable components
- π§ Flexible Configuration - File-based configuration with sensible defaults
- π Verbose Logging - Multi-level debugging support
- π Modern Python - Built with Python 3.9+ using type hints and async patterns
# Create virtual environment (recommended)
python -m venv /usr/local/libexec/nagios/check_bitdefender
source /usr/local/libexec/nagios/check_bitdefender/bin/activate
# Install from source
pip install git+https://github.com/lduchosal/check_bitdefender.git# List all endpoints
check_bitdefender endpoints
# Check onboarding status
check_bitdefender onboarding -d endpoint.domain.tld
# Check last seen (days since endpoint last connected)
check_bitdefender lastseen -d endpoint.domain.tld
# Check last scan (days since last antivirus scan)
check_bitdefender lastscan -d endpoint.domain.tld
# Get detailed endpoint info
check_bitdefender detail -d endpoint.domain.tld| Command | Description | Default Thresholds |
|---|---|---|
endpoints |
List all endpoints | W:10, C:25 |
onboarding |
Check endpoint onboarding status | W:2, C:1 |
lastseen |
Check days since endpoint was last seen | W:7, C:30 |
lastscan |
Check days since endpoint was last scanned | W:7, C:30 |
detail |
Get detailed endpoint information | - |
0- Onboarded β1- InsufficientInfoβ οΈ 2- Unknown β
Create check_bitdefender.ini in your Nagios directory or current working directory:
[auth]
token = your-api-token-here
[settings]
timeout = 5
parent_id = your-company-id-here # Optional: specify company/parent ID- Log into GravityZone Control Center
- Navigate to My Account > API Keys
- Generate a new API key with appropriate permissions
- Copy the API token to your configuration file
| Option | Description | Example |
|---|---|---|
-c, --config |
Configuration file path | -c /custom/path/config.ini |
-m, --endpointId |
Endpoint ID (GUID) | -m "12345678-1234-1234-1234-123456789abc" |
-d, --fqdn |
Computer DNS Name (FQDN) | -d "server.domain.com" |
-W, --warning |
Warning threshold | -W 10 |
-C, --critical |
Critical threshold | -C 100 |
-v, --verbose |
Verbosity level | -v, -vv, -vvv |
--version |
Show version | --version |
# BitDefender GravityZone Commands
define command {
command_name check_bitdefender_onboarding
command_line $USER1$/check_bitdefender/bin/check_bitdefender onboarding -d $HOSTALIAS$
}
define command {
command_name check_bitdefender_lastseen
command_line $USER1$/check_bitdefender/bin/check_bitdefender lastseen -d $HOSTALIAS$ -W 7 -C 30
}
define command {
command_name check_bitdefender_lastscan
command_line $USER1$/check_bitdefender/bin/check_bitdefender lastscan -d $HOSTALIAS$ -W 7 -C 30
}
# BitDefender GravityZone Services
define service {
use generic-service
service_description BITDEFENDER_ONBOARDING
check_command check_bitdefender_onboarding
hostgroup_name bitdefender
}
define service {
use generic-service
service_description BITDEFENDER_LASTSEEN
check_command check_bitdefender_lastseen
hostgroup_name bitdefender
}
define service {
use generic-service
service_description BITDEFENDER_LASTSCAN
check_command check_bitdefender_lastscan
hostgroup_name bitdefender
}
This plugin follows clean architecture principles with clear separation of concerns:
check_bitdefender/
βββ π cli/ # Command-line interface
β βββ commands/ # Individual command handlers
β β βββ endpoints.py # List endpoints command
β β βββ onboarding.py # Onboarding status command
β β βββ lastseen.py # Last seen command
β β βββ lastscan.py # Last scan command
β β βββ detail.py # Endpoint detail command
β βββ decorators.py # Common CLI decorators
βββ π core/ # Core business logic
β βββ auth.py # Authentication management
β βββ config.py # Configuration handling
β βββ defender.py # BitDefender API client
β βββ exceptions.py # Custom exceptions
β βββ nagios.py # Nagios plugin framework
βββ π services/ # Business services
β βββ endpoint_service.py # Endpoints business logic
β βββ onboarding_service.py # Onboarding check logic
β βββ lastseen_service.py # Last seen check logic
β βββ lastscan_service.py # Last scan check logic
β βββ detail_service.py # Detail retrieval logic
β βββ models.py # Data models
βββ π tests/ # Comprehensive test suite
βββ unit/ # Unit tests
βββ integration/ # Integration tests
- π― Single Responsibility - Each module has one clear purpose
- π Dependency Injection - Easy testing and mocking
- π§ͺ Testable - Comprehensive test coverage
- π Extensible - Easy to add new commands and features
- π Secure - No secrets in code, proper credential handling
# Clone repository
git clone https://github.com/lduchosal/check_bitdefender.git
cd check_bitdefender
# Create development environment
python -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
# Install in development mode
pip install -e .# Format code
black check_bitdefender/
# Lint code
flake8 check_bitdefender/
# Type checking
mypy check_bitdefender/
# Run tests
pytest tests/ -v --cov=check_bitdefender# Build package
python -m build
# Test installation
pip install dist/*.whl
# Publish to PyPI
python -m twine upload dist/*DEFENDER OK - Onboarding status: 0 (Onboarded) | onboarding=0;1;2;0;2
DEFENDER WARNING - Last seen: 10 days ago | lastseen=10;7;30;0;
DEFENDER CRITICAL - Last scan: 35 days ago | lastscan=35;7;30;0;
| Issue | Solution |
|---|---|
| Authentication Errors | Verify BitDefender GravityZone API token |
| Network Connectivity | Check firewall rules for cloudgz.gravityzone.bitdefender.com |
| Import Errors | Ensure all dependencies are installed |
| Configuration Issues | Validate config file syntax and paths |
Enable verbose logging for detailed troubleshooting:
# Maximum verbosity
check_bitdefender lastseen -d endpoint.domain.tld -vvv
# Check specific configuration
check_bitdefender onboarding -c /path/to/config.ini -d endpoint.domain.tld -vvEnsure connectivity to:
cloudgz.gravityzone.bitdefender.com
| Code | Status | Description |
|---|---|---|
0 |
OK | Value within acceptable range |
1 |
WARNING | Value exceeds warning threshold |
2 |
CRITICAL | Value exceeds critical threshold |
3 |
UNKNOWN | Error occurred during execution |
We welcome contributions! Here's how to get started:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow PEP 8 style guide
- Add tests for new features
- Update documentation as needed
- Ensure all tests pass before submitting
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with nagiosplugin framework
- Powered by Click for CLI interface
- Integrates with BitDefender GravityZone API
β Star this repository if you find it useful!
π Report Bug β’ π‘ Request Feature β’ π Documentation