Bro Analysis Tools
## Bro Analysis Tools (BAT)

[![travis](https://travis-ci.org/SuperCowPowers/bat.svg?branch=master)](https://travis-ci.org/SuperCowPowers/bat) [![codecov.io](http://codecov.io/github/SuperCowPowers/bat/coverage.svg?branch=master)](http://codecov.io/github/SuperCowPowers/bat?branch=master) [![supported-versions](https://img.shields.io/pypi/pyversions/bat.svg)](https://pypi.python.org/pypi/bat) [![license](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://choosealicense.com/licenses/apache-2.0)

The BAT Python package supports the processing and analysis of Bro data with Pandas, scikit-learn, and Spark.

### Recent Improvements (Fall 2019):

- Better Docs (<https://supercowpowers.github.io/bat/>)
- Faster/Smaller Pandas dataframes for large log files: [Large Dataframes](https://supercowpowers.github.io/bat/large_dataframes.html)

## BroCon 2017 Presentation
Data Analysis, Machine Learning, Bro, and You! ([Video](https://www.youtube.com/watch?v=pG5lU9CLnIU))
## Why BAT?
Bro already has a flexible, powerful scripting language. Why should I use BAT?

Offloading: Running complex tasks like statistics, state machines, machine learning, etc. should be offloaded from Bro so that Bro can focus on the efficient processing of high-volume network traffic.

Data Analysis: We have a large set of support classes that help bridge from raw Bro data to packages like Pandas, scikit-learn, and Spark. We also have example notebooks that show step-by-step how to get from here to there.
### Getting Started

- [Examples of Using BAT](https://supercowpowers.github.io/bat/examples.html)

### How-To Analysis Notebooks
- [Bro to Scikit-Learn](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Bro_to_Scikit_Learn.ipynb)
- [Bro to Matplotlib](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Bro_to_Plot.ipynb)
- [Bro to Parquet to Spark](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Bro_to_Parquet_to_Spark.ipynb)
- [Bro to Kafka to Spark](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Bro_to_Kafka_to_Spark.ipynb)
- [Clustering: Picking K (or not)](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Clustering_Picking_K.ipynb)
- [Anomaly Detection Exploration](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Anomaly_Detection.ipynb)
- [Risky Domains Stats and Deployment](https://nbviewer.jupyter.org/github/SuperCowPowers/bat/blob/master/notebooks/Risky_Domains.ipynb)

## Install

$ pip install bat

## Documentation

## Thanks

The DummyEncoder is inspired by Tom Augspurger’s great PyData Chicago 2016 [Talk](https://youtu.be/KLPtEBokqQ0)