Zeek Analysis Tools
Project description
Zeek Analysis Tools (ZAT)
The ZAT Python package supports the processing and analysis of Zeek data with Pandas, scikit-learn, Kafka, and Spark
Install
pip install zat
pip install zat[pyspark] (includes pyspark library)
pip install zat[all] (include pyarrow, yara-python, and tldextract)
Getting Started
AWS Data Processing and ML Modeling
- Please see SageWorks
Installing on Raspberry Pi!
Recent Improvements
- Faster/Smaller Pandas Dataframes for large log files: Large Dataframes
- Better Panda Dataframe to Matrix (ndarray) support: Dataframe To Matrix
- Scalable conversion from Zeek logs to Parquet: Zeek to Parquet
- Vastly improved Spark Dataframe Class: Zeek to Spark
- Updated/improved Notebooks: Analysis Notebooks
- Zeek JSON to DataFrame class: Zeek JSON to DataFrame Example
Video Presentation
Why ZAT?
Zeek already has a flexible, powerful scripting language why should I use ZAT?
Offloading: Running complex tasks like statistics, state machines, machine learning, etc.. should be offloaded from Zeek so that Zeek can focus on the efficient processing of high volume network traffic.
Data Analysis: We have a large set of support classes that help bridge from raw Zeek data to packages like Pandas, scikit-learn, Kafka, and Spark. We also have example notebooks that show step-by-step how to get from here to there.
Analysis Notebooks
- Zeek to Scikit-Learn
- Zeek to Parquet
- Zeek to Spark
- Spark Clustering
- Zeek to Kafka
- Zeek to Kafka to Spark
- Clustering: Picking K (or not)
- Anomaly Detection Exploration
- Risky Domains Stats and Deployment
- Zeek to Matplotlib
Documentation
https://supercowpowers.github.io/zat/
Running the Tests
pip install pytest coverage pytest-cov
pytest zat
About SuperCowPowers
The company was formed so that its developers could follow their passion for Python, streaming data pipelines and having fun with data analysis. We also think cows are cool and should be superheros or at least carry around rayguns and burner phones. Visit SuperCowPowers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file zat-0.4.7.tar.gz.
File metadata
- Download URL: zat-0.4.7.tar.gz
- Upload date:
- Size: 3.9 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 289b7514a76f24fd7c436df65d8aa47b1d7fc32973bd5b94470cd98644ab51f9 |
|
| MD5 | 000f7f35382ab3e3e9e1ae38ff229086 |
|
| BLAKE2b-256 | 913af77a8667eb833488faa718d75dfad0e3c9e33562ae6fb3e16b9ba26361bb |
File details
Details for the file zat-0.4.7-py2.py3-none-any.whl.
File metadata
- Download URL: zat-0.4.7-py2.py3-none-any.whl
- Upload date:
- Size: 234.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1ea055f1684335fa520c63fc36f0764fcf63894a4b96663bbbf24a64c594bfd5 |
|
| MD5 | 0718ba6ff89294d2ee4d0d7be6141e09 |
|
| BLAKE2b-256 | 5c88451ac0fd62de7da507cf585f9a37961982fa2de4a8b6f963d4ee9612776d |
