microsoft / mdatp-xplat

Microsoft Defender for macOS/Linux - config samples, auxiliary tools
MIT License

Update key in dictionary #98

Open Fisstouk opened 1 year ago

Fisstouk commented 1 year ago

Update the new "totalFilesScanned" key

Fisstouk commented 1 year ago

Here is a detailed explanation of the issue:

  1. I used the command mdatp diagnostic real-time-protection-statistics --output json > real_time_protection.json to check the statistics about Microsoft Defender.
  2. I downloaded the Python parser with the command curl -O https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/linux/diagnostic/high_cpu_parser.py
  3. When I used the command cat real_time_protection.json | python3 high_cpu_parser.py > real_time_protection.log to display processes using a high CPU load, I had a KeyError.

The JSON keys have changed and the snake case writing style was replaced by the camel case writing style; for example, total_files_scanned is now totalFilesScanned in the file real_time_protection.json.
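
An added example, not part of the original comment and not the repository's own `high_cpu_parser.py`: one way to make a statistics parser tolerate both key styles by normalizing every key to snake case before lookup. Only the `total_files_scanned` / `totalFilesScanned` names come from the issue; the `counters`, `id` and `name` fields and the sample documents are assumptions constructed for illustration.

```python
import json
import re

# Constructed sample input. Only total_files_scanned / totalFilesScanned are
# taken from the issue; "counters", "id" and "name" are assumed field names.
OLD_STYLE = ('{"counters": [{"id": "101", "name": "auditd", "total_files_scanned": "12"},'
             ' {"id": "202", "name": "rsyslogd", "total_files_scanned": "340"}]}')
NEW_STYLE = ('{"counters": [{"id": "101", "name": "auditd", "totalFilesScanned": 12},'
             ' {"id": "202", "name": "rsyslogd", "totalFilesScanned": 340}]}')

# Zero-width position between a lowercase letter or digit and an uppercase letter.
_CAMEL_BOUNDARY = re.compile(r"(?<=[a-z0-9])(?=[A-Z])")


def to_snake(key):
    """totalFilesScanned -> total_files_scanned; snake_case keys pass through."""
    return _CAMEL_BOUNDARY.sub("_", key).lower()


def normalize(node):
    """Recursively rewrite every dictionary key to snake_case."""
    if isinstance(node, dict):
        return {to_snake(k): normalize(v) for k, v in node.items()}
    if isinstance(node, list):
        return [normalize(v) for v in node]
    return node


def top_scanners(raw_json, limit=10):
    """Return (files_scanned, id, name) tuples, busiest process first."""
    counters = normalize(json.loads(raw_json)).get("counters", [])
    rows = []
    for counter in counters:
        # A missing counter is treated as 0 instead of raising KeyError.
        scanned = int(counter.get("total_files_scanned", 0))
        if scanned > 0:
            rows.append((scanned, str(counter.get("id", "?")), counter.get("name", "?")))
    return sorted(rows, reverse=True)[:limit]


if __name__ == "__main__":
    import sys
    for scanned, pid, name in top_scanners(sys.stdin.read()):
        print(f"{pid}\t{name}\t{scanned}")
```
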