msticpy

Analyzing Data

  • Base64 Decoding and Unpacking
    • Base64 decode an input string
    • Using a DataFrame as input
    • Interpreting the DataFrame output
    • Decoding Nested Base64/Archives
    • IPython magic
    • Pandas Extension
  • IoC Extraction
    • Looking for IoC in a String
    • Using a DataFrame as Input
    • IoCExtractor API
    • Predefined Regex Patterns
    • Adding your own pattern(s)
    • Merging output with source data
    • IPython magic
    • Pandas Extension
  • Event Clustering
    • Processes on Host - Clustering
    • Host Logons
  • Anomalous Sessions
    • Creating the Sessions
    • Model the sessions
    • Visualise the Modelled Sessions
    • Other Log Types + KQL
  • Pivot Functions
    • What are Pivot Functions?
    • What is “Pivoting”?
    • Getting started
    • Initializing the Pivot library
    • Running a pivot function
    • Data query pivot functions
    • Threat Intelligence lookups
    • A pandas processing pipeline with pivot functions
    • Adding custom functions to the pivot interface

© Copyright 2019, (c) Microsoft Corporation. Revision 235914e0.
