msticpy.vis.timeseries module

Module for common display functions.

msticpy.vis.timeseries.display_timeseries_anomalies(data: DataFrame, y: str = 'Total', time_column: str = 'TimeGenerated', anomalies_column: str = 'anomalies', period: int = 30, **kwargs) bokeh.models.LayoutDOM

Display time series anomalies visualization.

Parameters:

  • data (pd.DataFrame) – DataFrame as a time series data set retrieved from KQL time series functions. Dataframe must have columns specified in y, time_column and anomalies_column parameters

  • value_column (str, optional) – Name of column holding numeric values to plot against time series to determine anomalies (the default is ‘Total’)

  • y (str, optional) – alias for “value_column”

  • time_column (str, optional) – Name of the timestamp column (the default is ‘TimeGenerated’)

  • anomalies_column (str, optional) – Name of the column holding binary status(1/0) for anomaly/benign (the default is ‘anomalies’)

  • period (int, optional) – Period of the dataset for hourly-no of days, for daily-no of weeks. This is used to correctly calculate the plot height. (the default is 30)

  • ref_time (datetime, optional) – Input reference line to display (the default is None)

  • title (str, optional) – Title to display (the default is None)

  • legend (str, optional) – Where to position the legend None, left, right or inline (default is None)

  • yaxis (bool, optional) – Whether to show the yaxis and labels

  • range_tool (bool, optional) – Show the the range slider tool (default is True)

  • height (int, optional) – The height of the plot figure (the default is auto-calculated height)

  • width (int, optional) – The width of the plot figure (the default is 900)

  • xgrid (bool, optional) – Whether to show the xaxis grid (default is True)

  • ygrid (bool, optional) – Whether to show the yaxis grid (default is False)

  • color (list, optional) – List of colors to use in 3 plots as specified in order 3 plots- line(observed), circle(baseline), circle_x/user specified(anomalies). (the default is [“navy”, “green”, “firebrick”])

Returns:

The bokeh plot layout.

Return type:

LayoutDOM

msticpy.vis.timeseries.display_timeseries_anomolies(*args, **kwargs)

Call display_timeseries_anomalies.

Deprecated since version 1.7.0: Will be removed in version 2.0.0. Please use display_timeseries_anomalies