{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Title: IP Explorer\n",
"<details>\n",
"\n",
"**Python Version:** Python 3.7 (including Python 3.6 - AzureML)<br>\n",
"**Required Packages**: kqlmagic, msticpy, pandas, numpy, matplotlib, networkx, ipywidgets, ipython, scikit_learn, dnspython, ipwhois, folium, holoviews<br>\n",
"**Platforms Supported**:\n",
"- Azure Notebooks Free Compute\n",
"- Azure Notebooks DSVM\n",
"- OS Independent\n",
"\n",
"**Data Sources Required**:\n",
"- Log Analytics\n",
"    - Heartbeat\n",
"    - SecurityAlert\n",
"    - SecurityEvent\n",
"    - AzureNetworkAnalytics_CL\n",
"\n",
"- (Optional)\n",
"    - VirusTotal (with API key)\n",
"    - AlienVault OTX (with API key)\n",
"    - IBM X-Force (with API key)\n",
"    - CommonSecurityLog\n",
"</details>\n",
"\n",
"\n",
"This notebook brings together a series of queries and visualizations to help you assess the security state of an IP address. It works with both internal and public addresses.<br>\n",
"For internal addresses, it focuses on the traffic patterns and behavior of the host using that IP address. For public IPs, it lets you perform threat intelligence lookups, passive DNS, WHOIS and other checks.<br>\n",
"It also allows you to examine any network traffic between the external IP address and your resources."
]
},
{
"cell_type": "markdown",
"metadata": {
"toc": true
},
"source": [
"