msticpy package
Jupyter and Python Tools for InfoSec.
Requires Python 3.8 or later.
To quickly import common modules into a notebook run:
>>> import msticpy as mp
>>> mp.init_notebook()
If not running in a notebook/IPython use >>> mp.init_notebook(globals())
To see help on init_notebook: >>> help(mp.init_notebook)
Search msticpy modules for a keyword: >>> mp.search(keyword)
Full documentation is available at: https://msticpy.readthedocs.io
GitHub repo: https://github.com/microsoft/msticpy
Package structure:
analysis - analysis functions
auth - authentication and secrets management
common - utility functions, common types, exceptions
config - configuration tool
data - queries, data access, context functions
datamodel - entities and pivot functions
init - package initialization
nbtools - deprecated location
nbwidgets - notebook widgets
resources - data resource files
transform - data transforms and decoding
vis - visualizations
Configuration:
set MSTICPYCONFIG environment variable to point to the path of your msticpyconfig.yaml file.
Subpackages
- msticpy.analysis package
- msticpy.auth package
- Submodules
- msticpy.auth.azure_auth module
- msticpy.auth.azure_auth_core module
- msticpy.auth.cloud_mappings module
- msticpy.auth.cred_wrapper module
- msticpy.auth.keyring_client module
- msticpy.auth.keyvault_client module
- msticpy.auth.keyvault_settings module
- msticpy.auth.msal_auth module
- msticpy.auth.secret_settings module
- Submodules
- msticpy.common package
- Subpackages
- Submodules
- msticpy.common.azure_auth module
- msticpy.common.check_version module
- msticpy.common.data_types module
- msticpy.common.data_utils module
- msticpy.common.exceptions module
MsticpyAzureConfigErrorMsticpyAzureConnectionErrorMsticpyConfigExceptionMsticpyConnectionErrorMsticpyDataQueryErrorMsticpyExceptionMsticpyImportExtraErrorMsticpyKeyVaultConfigErrorMsticpyKeyVaultMissingSecretErrorMsticpyKqlConnectionErrorMsticpyMissingDependencyErrorMsticpyNoDataSourceErrorMsticpyNotConnectedErrorMsticpyParameterErrorMsticpyResourceExceptionMsticpyUserConfigErrorMsticpyUserError
- msticpy.common.pkg_config module
- msticpy.common.provider_settings module
- msticpy.common.timespan module
- msticpy.common.wsconfig module
- msticpy.config package
- Submodules
- msticpy.config.ce_azure module
- msticpy.config.ce_azure_sentinel module
- msticpy.config.ce_common module
- msticpy.config.ce_data_providers module
- msticpy.config.ce_keyvault module
- msticpy.config.ce_other_providers module
- msticpy.config.ce_provider_base module
- msticpy.config.ce_simple_settings module
- msticpy.config.ce_ti_providers module
- msticpy.config.ce_user_defaults module
- msticpy.config.comp_edit module
- msticpy.config.compound_ctrls module
- msticpy.config.file_browser module
- msticpy.config.mp_config_control module
- msticpy.config.mp_config_edit module
- msticpy.config.mp_config_file module
- Submodules
- msticpy.context package
- Subpackages
- Submodules
- msticpy.context.contextlookup module
- msticpy.context.domain_utils module
- msticpy.context.geoip module
- msticpy.context.http_provider module
- msticpy.context.ip_utils module
- msticpy.context.lookup module
- msticpy.context.lookup_result module
- msticpy.context.preprocess_observable module
- msticpy.context.provider_base module
- msticpy.context.tilookup module
- msticpy.data package
- msticpy.datamodel package
- msticpy.init package
- msticpy.nbtools package
- Submodules
- msticpy.nbtools.data_viewer module
- msticpy.nbtools.entityschema module
- msticpy.nbtools.foliummap module
- msticpy.nbtools.morph_charts module
- msticpy.nbtools.nbdisplay module
- msticpy.nbtools.nbwidgets module
- msticpy.nbtools.observationlist module
- msticpy.nbtools.process_tree module
- msticpy.nbtools.security_alert module
- msticpy.nbtools.security_alert_graph module
- msticpy.nbtools.security_base module
- msticpy.nbtools.security_event module
- msticpy.nbtools.ti_browser module
- msticpy.nbtools.timeline module
- msticpy.nbtools.timeline_duration module
- msticpy.nbtools.timeline_pd_accessor module
- msticpy.nbtools.timeseries module
- msticpy.nbtools.utility module
- msticpy.nbtools.wsconfig module
- Submodules
- msticpy.nbwidgets package
- Submodules
- msticpy.nbwidgets.core module
- msticpy.nbwidgets.get_environment_key module
- msticpy.nbwidgets.get_text module
- msticpy.nbwidgets.lookback module
- msticpy.nbwidgets.option_buttons module
- msticpy.nbwidgets.progress module
- msticpy.nbwidgets.query_time module
- msticpy.nbwidgets.select_alert module
- msticpy.nbwidgets.select_item module
- msticpy.nbwidgets.select_subset module
- Submodules
- msticpy.transform package
- Submodules
- msticpy.transform.auditdextract module
- msticpy.transform.base64unpack module
- msticpy.transform.cmd_line module
- msticpy.transform.iocextract module
- msticpy.transform.network module
- msticpy.transform.proc_tree_build_mde module
- msticpy.transform.proc_tree_build_winlx module
- msticpy.transform.proc_tree_builder module
- msticpy.transform.proc_tree_schema module
- msticpy.transform.process_tree_utils module
- Submodules
- msticpy.vis package
- Submodules
- msticpy.vis.code_view module
- msticpy.vis.data_viewer module
- msticpy.vis.entity_graph_tools module
- msticpy.vis.foliummap module
- msticpy.vis.matrix_plot module
- msticpy.vis.mordor_browser module
- msticpy.vis.morph_charts module
- msticpy.vis.mp_pandas_plot module
- msticpy.vis.nbdisplay module
- msticpy.vis.network_plot module
- msticpy.vis.process_tree module
- msticpy.vis.query_browser module
- msticpy.vis.ti_browser module
- msticpy.vis.timeline module
- msticpy.vis.timeline_common module
- msticpy.vis.timeline_duration module
- msticpy.vis.timeline_pd_accessor module
- msticpy.vis.timeline_values module
- msticpy.vis.timeseries module
- msticpy.vis.vtobject_browser module
- Submodules