Commit 41fb7bf

committed
Update README
1 parent 18e2570 commit 41fb7bf

2 files changed

+42
-0
lines changed

README.md

Lines changed: 36 additions & 0 deletions
@@ -6,10 +6,46 @@ Check for threats on the SentinelOne Cloud service.
66
You need to provide the URL of your instance and an authentication token, which is user specific.
77
It is recommended to create a new user with "Viewer" permissions only.
88

9+
Threats will be listed until their incident state has been resolved, or with the `--ignore-in-progress` flag, is no
10+
longer "unresolved". Mitigated threats appear as warning.
11+
912
## Usage
1013

14+
```
15+
Arguments:
16+
-H, --url string Management URL (e.g. https://your-site.sentinelone.net) (env:SENTINELONE_URL)
17+
-T, --token string API AuthToken (env:SENTINELONE_TOKEN)
18+
--site string Only list threats belonging to a named site
19+
--ignore-in-progress Ignore threats, where the incident status is in-progress
20+
-t, --timeout int Abort the check after n seconds (default 30)
21+
-d, --debug Enable debug mode
22+
-v, --verbose Enable verbose mode
23+
-V, --version Print version and exit
24+
```
25+
1126
## Example
1227

28+
```
29+
$ check_sentinelone --url https://your-site.sentinelone.net --token secret --site Customer
30+
CRITICAL - site Customer - 13 threats found, 3 not mitigated
31+
32+
## Your Account / Customer / Default Group
33+
34+
[2020-08-12 12:59 CEST] [WARNING] fileserver: (Downloader) PDFCreator-1_9_4-setup.exe (Marked as benign)
35+
[2020-07-03 08:23 CEST] [WARNING] fileserver: (PUA) cdbxp_setup_4.5.7.6321.exe (Mitigated)
36+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 2-1.exe (Mitigated)
37+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 4-0.exe (Mitigated)
38+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 7-0.exe (Mitigated)
39+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 13-0.exe (Mitigated)
40+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 1-0.exe (Mitigated)
41+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 14-0.exe (Mitigated)
42+
[2020-07-02 23:12 CEST] [WARNING] fileserver: (Trojan) 12-0.exe (Mitigated)
43+
[2020-07-02 22:05 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)
44+
[2020-07-02 22:05 CEST] [WARNING] fileserver: (Adware) cdbxp_setup_4-{DFBDE0DF-DBEC-4437-A6D6-76CD670E9503}-v297222.exe (Mitigated)
45+
[2020-07-02 21:58 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)
46+
[2020-07-02 21:58 CEST] [CRITICAL] fileserver: (Adware) cdbxp_setup_4.5.8.7035.exe (Not mitigated)
47+
| threats=13 threats_not_mitigated=3
48+
```
1349

1450
## API Documentation
1551

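Review bot: The new example on diff line 29 passes the API token as a command-line argument (`--token secret`), which leaves it readable in the process list and, for a monitoring plugin, in the stored check command definition. The usage block added on diff line 17 already documents `env:SENTINELONE_TOKEN`, so the example should set the token through that environment variable and the text should recommend it next to the existing "Viewer" permissions advice. Two smaller documentation points: the sentence on diff lines 9-10 says only that mitigated threats appear as warning, while the sample output on diff line 34 also shows a "Marked as benign" threat as WARNING, so the README should state which states map to WARNING and which to CRITICAL; and the two new fenced blocks have no language tag, so `text` or `console` would keep renderers from guessing a syntax.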
main.go

Lines changed: 6 additions & 0 deletions
@@ -6,6 +6,12 @@ import (
66

77
const readme = `Check for threats on the SentinelOne Cloud service.
88
9+
You need to provide the URL of your instance and an authentication token, which is user specific.
10+
It is recommended to create a new user with "Viewer" permissions only.
11+
12+
Threats will be listed until their incident state has been resolved, or with the
13+
--ignore-in-progress flag, is no longer "unresolved". Mitigated threats appear as warning.
14+
915
https://github.com/NETWAYS/check_sentinelone
1016
1117
Copyright (c) 2020 NETWAYS GmbH <info@netways.de>
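Review bot: The help text added on diff lines 12-13 is hard to parse as written ("or with the --ignore-in-progress flag, is no longer "unresolved""), and an operator reading it cannot easily tell when a threat stops being reported. Suggest splitting it into two sentences, for example: 'Threats are listed until their incident state has been resolved. With --ignore-in-progress, they are listed only while the state is "unresolved".' The same paragraph is now maintained by hand in both README.md and the `readme` constant, and the two copies already differ in wrapping and in the backticks around the flag, so a comment in main.go pointing at README.md as the source would help keep them aligned. The commit message reads "Update README" although this hunk also changes the program's built-in help text, which is worth mentioning in the message.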
