Notebooklet Class - HostNetworkSummary ====================================== Host Network Summary Notebooklet class. Queries and displays information about network connections by a host including: - Summary of network connections - Visualizations of network events - Geolocation of remote IP addresses - Threat Intelligence enrichment of remote IP addresses -------------- Display Sections ---------------- Results Class ------------- HostNetworkSummaryResult ~~~~~~~~~~~~~~~~~~~~~~~~ Host Network Summary Results. Attributes ~~~~~~~~~~ - | flows: pd.DataFrame | A Dataframe summarizing all network flows to and from a host. - | flow_matrix: LayoutDOM | A plot of network traffic volumes from the host. - | flow_whois: pd.DataFrame | Network flow data to and from the host enriched with WhoIs information about the IP address. - | flow_map: FoliumMap | A map showing the location of all remote IP addresses communicating with the host. - | flow_ti: pd.DataFrame | Network flow data to and from the host enriched with Threat Intelligence results for the IP address. -------------- Methods ------- Instance Methods ~~~~~~~~~~~~~~~~ \__init_\_ ^^^^^^^^^^ | \__init__(self, data_providers: Optional[] = None, \**kwargs) | Initialize a new instance of the notebooklet class. run ^^^ | run(self, value: Any = None, data: Optional[pandas.core.frame.DataFrame] = None, timespan: Optional[msticpy.common.timespan.TimeSpan] = None, options: Optional[Iterable[str]] = None, \**kwargs) -> msticnb.nb.azsent.host.host_logons_summary.HostLogonsSummaryResult | Return host network data. Inherited methods ~~~~~~~~~~~~~~~~~ check_table_exists ^^^^^^^^^^^^^^^^^^ | check_table_exists(self, table: str) -> bool | Check to see if the table exists in the provider. check_valid_result_data ^^^^^^^^^^^^^^^^^^^^^^^ | check_valid_result_data(self, attrib: str = None, silent: bool = False) -> bool | Check that the result is valid and ``attrib`` contains data. get_methods ^^^^^^^^^^^ | get_methods(self) -> Dict[str, Callable[[Any], Any]] | Return methods available for this class. get_pivot_run ^^^^^^^^^^^^^ | get_pivot_run(self, get_timespan: Callable[[], msticpy.common.timespan.TimeSpan]) | Return Pivot-wrappable run function. get_provider ^^^^^^^^^^^^ | get_provider(self, provider_name: str) | Return data provider for the specified name. list_methods ^^^^^^^^^^^^ | list_methods(self) -> List[str] | Return list of methods with descriptions. run_nb_func ^^^^^^^^^^^ | run_nb_func(self, nb_func: Union[str, msticnb.notebooklet_func.NBFunc], \**kwargs) | Run the notebooklet function and return the results. run_nb_funcs ^^^^^^^^^^^^ | run_nb_funcs(self) | Run all notebooklet functions defined for the notebooklet. Other Methods ~~~~~~~~~~~~~ add_nb_function ^^^^^^^^^^^^^^^ | add_nb_function(nb_func: Union[str, msticnb.notebooklet_func.NBFunc], \**kwargs) | Add a notebooklet function to the class. all_options ^^^^^^^^^^^ | all_options() -> List[str] | Return supported options for Notebooklet run function. default_options ^^^^^^^^^^^^^^^ | default_options() -> List[str] | Return default options for Notebooklet run function. description ^^^^^^^^^^^ | description() -> str | Return description of the Notebooklet. entity_types ^^^^^^^^^^^^ | entity_types() -> List[str] | Entity types supported by the notebooklet. get_help ^^^^^^^^ | get_help(fmt='html') -> str | Return HTML document for class. get_settings ^^^^^^^^^^^^ | get_settings(print_settings=True) -> Optional[str] | Print or return metadata for class. import_cell ^^^^^^^^^^^ | import_cell() | Import the text of this module into a new cell. keywords ^^^^^^^^ | keywords() -> List[str] | Return search keywords for Notebooklet. list_options ^^^^^^^^^^^^ | list_options() -> str | Return options document for Notebooklet run function. match_terms ^^^^^^^^^^^ | match_terms(search_terms: str) -> Tuple[bool, int] | Search class definition for ``search_terms``. name ^^^^ | name() -> str | Return name of the Notebooklet. print_options ^^^^^^^^^^^^^ | print_options() | Print options for Notebooklet run function. result ^^^^^^ result [property] Return result of the most recent notebooklet run. show_help ^^^^^^^^^ | show_help() | Display Documentation for class. silent ^^^^^^ silent [property] Get the current instance setting for silent running.
``run`` function documentation ------------------------------ Return host network data. Parameters ~~~~~~~~~~ value : str Host name data : Optional[pd.DataFrame], optional Optionally pass raw data to use for analysis, by default None timespan : TimeSpan Timespan over which operations such as queries will be performed, by default None. This can be a TimeStamp object or another object that has valid `start`, `end`, or `period` attributes. Alternatively you can pass `start` and `end` datetime objects. options : Optional[Iterable[str]], optional List of options to use, by default None A value of None means use default options. Returns ~~~~~~~ HostNetworkSummaryResults Result object with attributes for each result type. Raises ~~~~~~ MsticnbMissingParameterError If required parameters are missing MsticnbDataProviderError If data is not avaliable Default Options ~~~~~~~~~~~~~~~ - map: Display a map of remote IP addresses communicating with the host. - ti: Enrich network flow data with Threat Inteligence. - whois: Enrich network flow data with WhoIs information. Other Options ~~~~~~~~~~~~~ None