MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

fix situational-awareness examples

pull/34/head
Déborah Servili 2016-10-12 12:33:42 +02:00
parent ed2be78f4e
commit bc5df41179
5 changed files with 84 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
examples/situational-awareness/attribute_treemap.py
View File

@ -21,8 +21,11 @@ if __name__ == '__main__':
else: else:
result = misp.download_last(args.argument) result = misp.download_last(args.argument)
events = tools.eventsListBuildFromArray(result) if 'response' in result:
attributes = tools.attributesListBuild(events) events = tools.eventsListBuildFromArray(result)
temp = tools.getNbAttributePerEventCategoryType(attributes) attributes = tools.attributesListBuild(events)
temp = temp.groupby(level=['category', 'type']).sum() temp = tools.getNbAttributePerEventCategoryType(attributes)
tools.createTreemap(temp, 'Attributes Distribution', 'attribute_treemap.svg', 'attribute_table.html') temp = temp.groupby(level=['category', 'type']).sum()
tools.createTreemap(temp, 'Attributes Distribution', 'attribute_treemap.svg', 'attribute_table.html')
else:
print ('There is no event answering the research criteria')

44
examples/situational-awareness/tag_search.py
View File

@ -41,25 +41,29 @@ if __name__ == '__main__':
else: else:
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate)) args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate) if 'response' in result:
totalPeriodEvents = tools.getNbitems(events) events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate)
tags = tools.tagsListBuild(events) totalPeriodEvents = tools.getNbitems(events)
result = tools.isTagIn(tags, args.tag) tags = tools.tagsListBuild(events)
totalPeriodTags = len(result) result = tools.isTagIn(tags, args.tag)
totalPeriodTags = len(result)
text = 'Studied pediod: from ' text = 'Studied pediod: from '
if args.begindate is None: if args.begindate is None:
text = text + '1970-01-01' text = text + '1970-01-01'
else: else:
text = text + str(args.begindate.date()) text = text + str(args.begindate.date())
text = text + ' to ' text = text + ' to '
if args.enddate is None: if args.enddate is None:
text = text + str(datetime.now().date()) text = text + str(datetime.now().date())
else: else:
text = text + str(args.enddate.date()) text = text + str(args.enddate.date())
print('\n========================================================')
print(text)
print('During the studied pediod, ' + str(totalPeriodTags) + ' events out of ' + str(totalPeriodEvents) + ' contains at least one tag with ' + args.tag + '.')
if totalPeriodEvents != 0:
print('It represents {}% of the events in this period.'.format(round(100 * totalPeriodTags / totalPeriodEvents, 3)))
else:
print ('There is no event answering the research criteria')
print('\n========================================================')
print(text)
print('During the studied pediod, ' + str(totalPeriodTags) + ' events out of ' + str(totalPeriodEvents) + ' contains at least one tag with ' + args.tag + '.')
if totalPeriodEvents != 0:
print('It represents {}% of the events in this period.'.format(round(100 * totalPeriodTags / totalPeriodEvents, 3)))

29
examples/situational-awareness/tags_count.py
View File

@ -40,20 +40,23 @@ if __name__ == '__main__':
else: else:
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate)) args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate) if 'response' in result:
tags = tools.tagsListBuild(events) events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate)
result = tools.getNbOccurenceTags(tags) tags = tools.tagsListBuild(events)
result = tools.getNbOccurenceTags(tags)
else:
result = 'There is no event during the studied period'
text = 'Studied pediod: from ' text = 'Studied pediod: from '
if args.begindate is None: if args.begindate is None:
text = text + '1970-01-01' text = text + '1970-01-01'
else: else:
text = text + str(args.begindate.date()) text = text + str(args.begindate.date())
text = text + ' to ' text = text + ' to '
if args.enddate is None: if args.enddate is None:
text = text + str(datetime.now().date()) text = text + str(datetime.now().date())
else: else:
text = text + str(args.enddate.date()) text = text + str(args.enddate.date())
print('\n========================================================') print('\n========================================================')
print(text) print(text)

65
examples/situational-awareness/tags_to_graphs.py
View File

@ -50,42 +50,45 @@ if __name__ == '__main__':
title = 'Tags repartition over the last 7 days' title = 'Tags repartition over the last 7 days'
result = misp.download_last(last) result = misp.download_last(last)
events = tools.eventsListBuildFromArray(result) if 'response' in result:
result = [] events = tools.eventsListBuildFromArray(result)
dates = [] result = []
enddate = tools.getToday() dates = []
colourDict = {} enddate = tools.getToday()
faketag = False colourDict = {}
faketag = False
for i in range(split): for i in range(split):
begindate = tools.getNDaysBefore(enddate, size) begindate = tools.getNDaysBefore(enddate, size)
dates.append(str(enddate.date())) dates.append(str(enddate.date()))
eventstemp = tools.selectInRange(events, begin=begindate, end=enddate) eventstemp = tools.selectInRange(events, begin=begindate, end=enddate)
if eventstemp is not None: if eventstemp is not None:
tags = tools.tagsListBuild(eventstemp) tags = tools.tagsListBuild(eventstemp)
if tags is not None: if tags is not None:
tools.createDictTagsColour(colourDict, tags) tools.createDictTagsColour(colourDict, tags)
result.append(tools.getNbOccurenceTags(tags)) result.append(tools.getNbOccurenceTags(tags))
else:
result.append(tools.createFakeEmptyTagsSeries())
faketag = True
else: else:
result.append(tools.createFakeEmptyTagsSeries()) result.append(tools.createFakeEmptyTagsSeries())
faketag = True faketag = True
else: enddate = begindate
result.append(tools.createFakeEmptyTagsSeries())
faketag = True
enddate = begindate
result = formattingDataframe(result, dates, 0) result = formattingDataframe(result, dates, 0)
if faketag: if faketag:
result = tools.removeFaketagRow(result) result = tools.removeFaketagRow(result)
taxonomies, emptyOther = tools.getTaxonomies(tools.getCopyDataframe(result)) taxonomies, emptyOther = tools.getTaxonomies(tools.getCopyDataframe(result))
tools.tagsToLineChart(tools.getCopyDataframe(result), title, dates, colourDict)
tools.tagstrendToLineChart(tools.getCopyDataframe(result), title, dates, split, colourDict)
tools.tagsToTaxoLineChart(tools.getCopyDataframe(result), title, dates, colourDict, taxonomies, emptyOther)
tools.tagstrendToTaxoLineChart(tools.getCopyDataframe(result), title, dates, split, colourDict, taxonomies, emptyOther)
if args.order is None:
args.order = 3
tools.tagsToPolyChart(tools.getCopyDataframe(result), split, colourDict, taxonomies, emptyOther, args.order)
tools.createVisualisation(taxonomies)
tools.tagsToLineChart(tools.getCopyDataframe(result), title, dates, colourDict) else:
tools.tagstrendToLineChart(tools.getCopyDataframe(result), title, dates, split, colourDict) print('There is no event during the studied period')
tools.tagsToTaxoLineChart(tools.getCopyDataframe(result), title, dates, colourDict, taxonomies, emptyOther)
tools.tagstrendToTaxoLineChart(tools.getCopyDataframe(result), title, dates, split, colourDict, taxonomies, emptyOther)
if args.order is None:
args.order = 3
tools.tagsToPolyChart(tools.getCopyDataframe(result), split, colourDict, taxonomies, emptyOther, args.order)
tools.createVisualisation(taxonomies)

4
examples/situational-awareness/tools.py
View File

@ -437,7 +437,7 @@ def tagsToPolyChart(dataframe, split, colourDict, taxonomies, emptyOther, order)
pylab.title('Polynomial Fit with Matplotlib: ' + taxonomy) pylab.title('Polynomial Fit with Matplotlib: ' + taxonomy)
pylab.legend(loc='center left', bbox_to_anchor=(1, 0.5)) pylab.legend(loc='center left', bbox_to_anchor=(1, 0.5))
ax = plt.gca() ax = plt.gca()
ax.set_facecolor((0.898, 0.898, 0.898)) # ax.set_facecolor((0.898, 0.898, 0.898))
box = ax.get_position() box = ax.get_position()
ax.set_position([box.x0 - 0.01, box.y0, box.width * 0.78, box.height]) ax.set_position([box.x0 - 0.01, box.y0, box.width * 0.78, box.height])
fig = plt.gcf() fig = plt.gcf()
@ -473,7 +473,7 @@ def tagsToPolyChart(dataframe, split, colourDict, taxonomies, emptyOther, order)
pylab.title('Polynomial Fit with Matplotlib: other') pylab.title('Polynomial Fit with Matplotlib: other')
pylab.legend(loc='center left', bbox_to_anchor=(1, 0.5)) pylab.legend(loc='center left', bbox_to_anchor=(1, 0.5))
ax = plt.gca() ax = plt.gca()
ax.set_facecolor((0.898, 0.898, 0.898)) #cax.set_facecolor((0.898, 0.898, 0.898))
box = ax.get_position() box = ax.get_position()
ax.set_position([box.x0 - 0.01, box.y0, box.width * 0.78, box.height]) ax.set_position([box.x0 - 0.01, box.y0, box.width * 0.78, box.height])
fig = plt.gcf() fig = plt.gcf()