msticpy

Notebook Examples

See the following notebooks for examples of the use of this package in practice:

Data

  • Data Queries

  • MDE Queries

  • Splunk Data

  • Azure Storage

  • Mordor Data

  • SQL to KQL conversion Notebook

Enrichment

  • Threat Intel Providers Notebook

  • GeoIP Lookup Notebook

  • VirusTotal Lookup Notebook

  • VirusTotal V3 API

  • Azure Sentinel API

Analysis

  • Anomalous Sequence Notebook

  • Time Series Anomalies Notebook

  • Event Clustering Tree Notebook

  • Base64Unpack Notebook

  • IoCExtract Notebook

  • Pivot Functions

  • Pivot Functions Intro

Visualization and Tools

  • Notebooks Widgets and Tools

  • Event Timeline Notebook

  • Process Tree Notebook

  • Folium Geo-map Notebook

Configuration

  • MSTICPy Settings editor

© Copyright 2019, Microsoft Corporation. Revision 941145e1.