msticpy.vis.nbdisplay module
Module for common display functions.
- msticpy.vis.nbdisplay.display_alert(alert: Union[Mapping[str, Any], SecurityAlert], show_entities: bool = False)
Display a Security Alert.
- Parameters
alert (Union[Mapping[str, Any], SecurityAlert]) – The alert to display as Mapping (e.g. pd.Series) or SecurityAlert
show_entities (bool, optional) – Whether to display entities (the default is False)
- msticpy.vis.nbdisplay.display_logon_data(logon_event: DataFrame, alert: Optional[SecurityAlert] = None, os_family: Optional[str] = None)
Display logon data for one or more events as HTML table.
- Parameters
logon_event (pd.DataFrame) – Dataframe containing one or more logon events
alert (SecurityAlert, optional) – obtain os_family from the security alert (the default is None)
os_family (str, optional) – explicitly specify os_family (Linux or Windows) (the default is None)
Notes
Currently only Windows Logon events.
- msticpy.vis.nbdisplay.draw_alert_entity_graph(nx_graph: networkx.Graph, font_size: int = 12, height: int = 8, width: int = 8, margin: float = 0.3, scale: int = 1)
Draw networkX graph with matplotlib.
- Parameters
nx_graph (nx.Graph) – The NetworkX graph to draw
font_size (int, optional) – base font size (the default is 12)
height (int, optional) – Image height (the default is 8)
width (int, optional) – Image width (the default is 8)
margin (float, optional) – Image margin (the default is 0.3)
scale (int, optional) – Position scale (the default is 1)
deprecated: (..) – 0.3.2: Matplotlib version ‘draw_alert_entity_graph’ no longer supported - use ‘plot_entity_graph’
- msticpy.vis.nbdisplay.exec_remaining_cells()
Execute all cells below currently selected cell.
- msticpy.vis.nbdisplay.format_alert(alert: Union[Mapping[str, Any], SecurityAlert], show_entities: bool = False) Union[IPython.display.HTML, Tuple[IPython.display.HTML, DataFrame]]
Get IPython displayable Security Alert.
- Parameters
alert (Union[Mapping[str, Any], SecurityAlert]) – The alert to display as Mapping (e.g. pd.Series) or SecurityAlert
show_entities (bool, optional) – Whether to display entities (the default is False)
- Returns
Single or tuple of displayable IPython objects
- Return type
Union[IPython.display.HTML, Tuple[IPython.display.HTML, pd.DataFrame]]
- Raises
ValueError – If the alert object is in an unknown format
- msticpy.vis.nbdisplay.format_logon(logon_event: Union[DataFrame, Series], alert: Optional[SecurityAlert] = None, os_family: Optional[str] = None) IPython.display.HTML
Return logon data for one or more events as HTML table.
- Parameters
logon_event (Union[pd.DataFrame, pd.Series]) – Dataframe containing one or more logon events or Series containing a single logon event.
alert (SecurityAlert, optional) – obtain os_family from the security alert (the default is None)
os_family (str, optional) – explicitly specify os_family (Linux or Windows) (the default is None)
- Returns
HTML display object
- Return type