Notebooklet Class - HostLogonsSummary

Host Logons Summary Notebooket class.

Queries and displays information about logons to a host including:

Summary of sucessfull logons
Visualizations of logon event times
Geolocation of remote logon sources
Visualizations of various logon elements depending on host type
Data on users with failed and sucessful logons

Display Sections

Results Class

HostLogonsSummaryResult

Host Logons Summary Results.

Attributes

logon_sessions: pd.DataFrame

A Dataframe summarizing all sucessfull and failed logon attempts observed during the specified time period.
logon_map: FoliumMap

A map showing remote logon attempt source locations. Red points represent failed logons, green successful.
plots: Dict

A collection of Bokeh plot figures showing various aspects of observed logons. Keys are a descriptive name of the plot and values are the plot figures.

Methods

Instance Methods

init

__init__(self, data_providers: Optional[<msticnb.data_providers.SingletonDecorator object at 0x0000023FAFA3A6A0>] = None, **kwargs)

Initialize a new instance of the notebooklet class.

run

run(self, value: Any = None, data: Optional[pandas.core.frame.DataFrame] = None, timespan: Optional[msticpy.common.timespan.TimeSpan] = None, options: Optional[Iterable[str]] = None, **kwargs) -> msticnb.nb.azsent.host.host_logons_summary.HostLogonsSummaryResult

Return host summary data.

Inherited methods

check_table_exists

check_table_exists(self, table: str) -> bool

Check to see if the table exists in the provider.

check_valid_result_data

check_valid_result_data(self, attrib: str = None, silent: bool = False) -> bool

Check that the result is valid and attrib contains data.

get_methods

get_methods(self) -> Dict[str, Callable[[Any], Any]]

Return methods available for this class.

get_pivot_run

get_pivot_run(self, get_timespan: Callable[[], msticpy.common.timespan.TimeSpan])

Return Pivot-wrappable run function.

get_provider

get_provider(self, provider_name: str)

Return data provider for the specified name.

list_methods

list_methods(self) -> List[str]

Return list of methods with descriptions.

run_nb_func

run_nb_func(self, nb_func: Union[str, msticnb.notebooklet_func.NBFunc], **kwargs)

Run the notebooklet function and return the results.

run_nb_funcs

run_nb_funcs(self)

Run all notebooklet functions defined for the notebooklet.

Other Methods

add_nb_function

add_nb_function(nb_func: Union[str, msticnb.notebooklet_func.NBFunc], **kwargs)

Add a notebooklet function to the class.

all_options

all_options() -> List[str]

Return supported options for Notebooklet run function.

default_options

default_options() -> List[str]

Return default options for Notebooklet run function.

description

description() -> str

Return description of the Notebooklet.

entity_types

entity_types() -> List[str]

Entity types supported by the notebooklet.

get_help

get_help(fmt=’html’) -> str

Return HTML document for class.

get_settings

get_settings(print_settings=True) -> Optional[str]

Print or return metadata for class.

import_cell

import_cell()

Import the text of this module into a new cell.

keywords

keywords() -> List[str]

Return search keywords for Notebooklet.

list_options

list_options() -> str

Return options document for Notebooklet run function.

match_terms

match_terms(search_terms: str) -> Tuple[bool, int]

Search class definition for search_terms.

name

name() -> str

Return name of the Notebooklet.

print_options

print_options()

Print options for Notebooklet run function.

result

result [property] Return result of the most recent notebooklet run.

show_help

show_help()

Display Documentation for class.

silent

silent [property] Get the current instance setting for silent running.

<hr>

`run` function documentation