msticnb - MSTIC Notebooklets¶
msticnb is a companion package to msticpy. It is designed to be used in Jupyter notebooks by security operations engineers and analysts, to give them quick access to common notebook patterns such as retrieving summary information about a host or IP address.
Each notebooklet is equivalent to multiple cells and many lines of code in a traditional notebook. You can import and run a notebooklet with two lines of code (or even 1 line, if you are impatient). Typically, the input parameters to a notebooklet will be an identifier (e.g. a host name) and a time range (over which to query data). Some notebooklets (primarily packaged analytics) will take a pandas DataFrame as input.
host_summary = nb.nblts.azsent.host.HostSummary() host_sum_rslt = host_summary.run(value="Msticalertswin1", timespan=time_span)
You can create your own notebooklets and use them in the same framework as the ones already in the package.
Read on to find out more about using and creating notebooklets.
Introduction and Usage¶
- Using Notebooklets
- Current Notebooklets
- Core modules and classes
- Notebooklets source documentation
- Notebook Common Library modules