{ "cells": [ { "cell_type": "markdown", "metadata": {}, "source": [ "# Notebook Environment Setup\n", "\n", "This notebook takes you through detailed setup of your settings for\n", "Azure Sentinel Notebooks and the MSTICPy library. It covers:\n", "\n", "- Setting up your Python environment for notebooks\n", "- Creating and editing your msticpyconfig.yaml file\n", "- Understanding and managing you config.json file.\n", "\n", "If you are\n", "using notebooks in the Azure Sentinel/Azure ML environment you can skip\n", "the first section \"Configuring your Python Environment\" entirely.\n", "\n", "The main part of this notebook involves setting up your msticpyconfig.yaml.\n", "While many of these settings are optional, if you do not configure\n", "them correctly you'll experience some loss of functionality. For\n", "example, using Threat Intelligence providers usually requires an\n", "API key. To save you having to type this in every time you look up\n", "an IP Address you should put this in a config file.\n", "\n", "This section takes you through creating settings for\n", "- Azure Sentinel workspaces\n", "- Threat Intelligence providers\n", "- Geo-location providers\n", "- Other data providers (e.g. Azure APIs)\n", "- Key Vault\n", "- Auto-loading options.\n", "\n", "You'll typically need the first three of these to use most\n", "of the notebooks fully.\n", "\n", "Section 3, \"The config.json file\" can also be ignored if you\n", "are happy using `msticpyconfig.yaml`. It is included here\n", "for background." ] }, { "cell_type": "markdown", "metadata": { "toc": true }, "source": [ "\n", "\n", "\n", "
\n", " \n", "msticpyconfig.yaml
\n",
" config.json
file\"\r\n",
" \"Warning: we needed to update 'utils/nb_check.py'
\"\r\n",
" \"Please restart the kernel and re-run this cell.\"\r\n",
" \"