Notebooklet Class - HostNetworkSummary

Host Network Summary Notebooklet class.

Queries and displays information about network connections by a host including:

Summary of network connections
Visualizations of network events
Geolocation of remote IP addresses
Threat Intelligence enrichment of remote IP addresses

Display Sections

Results Class

HostNetworkSummaryResult

Host Network Summary Results.

Attributes

flows: pd.DataFrame

A Dataframe summarizing all network flows to and from a host.
flow_matrix: LayoutDOM

A plot of network traffic volumes from the host.
flow_whois: pd.DataFrame

Network flow data to and from the host enriched with WhoIs information about the IP address.
flow_map: FoliumMap

A map showing the location of all remote IP addresses communicating with the host.
flow_ti: pd.DataFrame

Network flow data to and from the host enriched with Threat Intelligence results for the IP address.

Methods

Instance Methods

init

__init__(self, data_providers: Optional[<msticnb.data_providers.SingletonDecorator object at 0x0000023FAFA3A6A0>] = None, **kwargs)

Initialize a new instance of the notebooklet class.

run

run(self, value: Any = None, data: Optional[pandas.core.frame.DataFrame] = None, timespan: Optional[msticpy.common.timespan.TimeSpan] = None, options: Optional[Iterable[str]] = None, **kwargs) -> msticnb.nb.azsent.host.host_logons_summary.HostLogonsSummaryResult

Return host network data.

Inherited methods

check_table_exists

check_table_exists(self, table: str) -> bool

Check to see if the table exists in the provider.

check_valid_result_data

check_valid_result_data(self, attrib: str = None, silent: bool = False) -> bool

Check that the result is valid and attrib contains data.

get_methods

get_methods(self) -> Dict[str, Callable[[Any], Any]]

Return methods available for this class.

get_pivot_run

get_pivot_run(self, get_timespan: Callable[[], msticpy.common.timespan.TimeSpan])

Return Pivot-wrappable run function.

get_provider

get_provider(self, provider_name: str)

Return data provider for the specified name.

list_methods

list_methods(self) -> List[str]

Return list of methods with descriptions.

run_nb_func

run_nb_func(self, nb_func: Union[str, msticnb.notebooklet_func.NBFunc], **kwargs)

Run the notebooklet function and return the results.

run_nb_funcs

run_nb_funcs(self)

Run all notebooklet functions defined for the notebooklet.

Other Methods

add_nb_function

add_nb_function(nb_func: Union[str, msticnb.notebooklet_func.NBFunc], **kwargs)

Add a notebooklet function to the class.

all_options

all_options() -> List[str]

Return supported options for Notebooklet run function.

default_options

default_options() -> List[str]

Return default options for Notebooklet run function.

description

description() -> str

Return description of the Notebooklet.

entity_types

entity_types() -> List[str]

Entity types supported by the notebooklet.

get_help

get_help(fmt=’html’) -> str

Return HTML document for class.

get_settings

get_settings(print_settings=True) -> Optional[str]

Print or return metadata for class.

import_cell

import_cell()

Import the text of this module into a new cell.

keywords

keywords() -> List[str]

Return search keywords for Notebooklet.

list_options

list_options() -> str

Return options document for Notebooklet run function.

match_terms

match_terms(search_terms: str) -> Tuple[bool, int]

Search class definition for search_terms.

name

name() -> str

Return name of the Notebooklet.

print_options

print_options()

Print options for Notebooklet run function.

result

result [property] Return result of the most recent notebooklet run.

show_help

show_help()

Display Documentation for class.

silent

silent [property] Get the current instance setting for silent running.

<hr>

`run` function documentation