{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# MSTICpy - Data Uploaders\n",
"\n",
"### Description\n",
"This notebook provides a guided example of using the Log Analytics and Splunk Data Uploaders included with MSTICpy.\n",
"\n",
"Contents:\n",
"- How to instantiate Uploaders\n",
"- Uploading DataFrames\n",
"- Uploading Files\n",
"- Uploading Folders\n",
"\n",
"You must have msticpy installed with the Azure components to run this notebook:\n",
"```\n",
"%pip install --upgrade msticpy[azure]\n",
"```\n"
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Processing imports....\n",
"Checking configuration....\n",
"No errors found.\n",
"No warnings found.\n",
"Setting options....\n"
]
},
{
"data": {
"text/html": [
"| | Unnamed: 0 | TenantId | TimeGenerated | FlowStartTime | FlowEndTime | FlowIntervalEndTime | FlowType | ResourceGroup | VMName | VMIPAddress | PublicIPs | SrcIP | DestIP | L4Protocol | L7Protocol | DestPort | FlowDirection | AllowedOutFlows | AllowedInFlows | DeniedInFlows | DeniedOutFlows | RemoteRegion | VMRegion | AllExtIPs | TotalAllowedFlows |\n",
"|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|\n",
"| 0 | 881 | 52b1ab41-869e-4138-9e40-2a4457f09bf0 | 2019-02-12 14:22:40.697 | 2019-02-12 13:00:07.000 | 2019-02-12 13:45:08.000 | 2019-02-12 14:00:00.000 | AzurePublic | asihuntomsworkspacerg | msticalertswin1 | 10.0.3.5 | ['65.55.44.109'] | NaN | NaN | T | https | 443.0 | O | 4.0 | 0.0 | 0.0 | 0.0 | eastus2 | eastus | 65.55.44.109 | 4.0 |\n",
"| 1 | 877 | 52b1ab41-869e-4138-9e40-2a4457f09bf0 | 2019-02-12 14:22:40.681 | 2019-02-12 13:00:48.000 | 2019-02-12 13:58:33.000 | 2019-02-12 14:00:00.000 | AzurePublic | asihuntomsworkspacerg | msticalertswin1 | 10.0.3.5 | ['13.71.172.130', '13.71.172.128'] | NaN | NaN | T | https | 443.0 | O | 18.0 | 0.0 | 0.0 | 0.0 | canadacentral | eastus | 13.71.172.128 | 18.0 |\n",