|
22 | 22 | "execution_count": null, |
23 | 23 | "outputs": [], |
24 | 24 | "source": [ |
| 25 | + "from pathlib import Path\n", |
25 | 26 | "import pandas as pd\n", |
26 | 27 | "import graphistry\n", |
27 | 28 | "from graphistry import collection_set, collection_intersection, n, e_forward, Chain\n", |
28 | 29 | "\n", |
29 | | - "edges = pd.DataFrame({\n", |
30 | | - " 'src': ['acct1', 'acct2', 'acct3'],\n", |
31 | | - " 'dst': ['user1', 'user2', 'user3'],\n", |
32 | | - " 'rel': ['owns', 'owns', 'owns']\n", |
33 | | - "})\n", |
34 | | - "\n", |
35 | | - "nodes = pd.DataFrame({\n", |
36 | | - " 'id': ['acct1', 'acct2', 'acct3', 'user1', 'user2', 'user3'],\n", |
37 | | - " 'type': ['account', 'account', 'account', 'user', 'user', 'user'],\n", |
38 | | - " 'subscribed': [False, True, True, True, False, True],\n", |
39 | | - " 'status': ['purchased', 'purchased', 'new', 'new', 'purchased', 'new']\n", |
40 | | - "})\n", |
41 | | - "\n", |
42 | | - "g = graphistry.edges(edges, 'src', 'dst').nodes(nodes, 'id')\n" |
| 30 | + "edges = pd.read_csv(Path('demos/data/honeypot.csv'))\n", |
| 31 | + "g = graphistry.edges(edges, \"attackerIP\", \"victimIP\")\n" |
43 | 32 | ] |
44 | 33 | }, |
45 | 34 | { |
|
48 | 37 | "execution_count": null, |
49 | 38 | "outputs": [], |
50 | 39 | "source": [ |
| 40 | + "# Use Chain to select subgraphs (nodes + edges) by edge attributes\n", |
51 | 41 | "collections = [\n", |
52 | 42 | " collection_set(\n", |
53 | | - " expr=Chain([n({'status': 'purchased'}), e_forward(), n()]),\n", |
54 | | - " id='purchasers',\n", |
55 | | - " name='Purchasers + Connections',\n", |
| 43 | + " expr=Chain([n(), e_forward({\"vulnName\": \"MS08067 (NetAPI)\"}), n()]),\n", |
| 44 | + " id='netapi',\n", |
| 45 | + " name='MS08067 (NetAPI)',\n", |
56 | 46 | " node_color='#00BFFF',\n", |
57 | 47 | " edge_color='#00BFFF',\n", |
58 | 48 | " ),\n", |
59 | 49 | " collection_set(\n", |
60 | | - " expr=n({'subscribed': True}),\n", |
61 | | - " id='subscribers',\n", |
62 | | - " name='Subscribers',\n", |
| 50 | + " expr=Chain([n(), e_forward({\"victimPort\": 445.0}), n()]),\n", |
| 51 | + " id='port445',\n", |
| 52 | + " name='Port 445',\n", |
63 | 53 | " node_color='#32CD32',\n", |
| 54 | + " edge_color='#32CD32',\n", |
64 | 55 | " ),\n", |
65 | 56 | " collection_intersection(\n", |
66 | | - " sets=['purchasers', 'subscribers'],\n", |
67 | | - " name='High Value Subscribers',\n", |
| 57 | + " sets=['netapi', 'port445'],\n", |
| 58 | + " name='NetAPI + 445',\n", |
68 | 59 | " node_color='#AABBCC',\n", |
| 60 | + " edge_color='#AABBCC',\n", |
69 | 61 | " ),\n", |
70 | 62 | "]\n", |
71 | 63 | "\n", |
|
142 | 134 | "```python\n", |
143 | 135 | "collections_priority = [\n", |
144 | 136 | " collection_set(\n", |
145 | | - " expr=n({\"vip\": True}),\n", |
146 | | - " id=\"vip\",\n", |
147 | | - " name=\"VIP\",\n", |
| 137 | + " expr=Chain([n(), e_forward({\"vulnName\": \"MS08067 (NetAPI)\"}), n()]),\n", |
| 138 | + " id=\"netapi\",\n", |
| 139 | + " name=\"MS08067 (NetAPI)\",\n", |
148 | 140 | " node_color=\"#FFAA00\",\n", |
| 141 | + " edge_color=\"#FFAA00\",\n", |
149 | 142 | " ),\n", |
150 | 143 | " collection_set(\n", |
151 | | - " expr=n({\"recent\": True}),\n", |
152 | | - " id=\"recent\",\n", |
153 | | - " name=\"Recent\",\n", |
| 144 | + " expr=Chain([n(), e_forward({\"victimPort\": 445.0}), n()]),\n", |
| 145 | + " id=\"port445\",\n", |
| 146 | + " name=\"Port 445\",\n", |
154 | 147 | " node_color=\"#00BFFF\",\n", |
| 148 | + " edge_color=\"#00BFFF\",\n", |
155 | 149 | " ),\n", |
156 | 150 | "]\n", |
157 | 151 | "g.collections(collections=collections_priority)\n", |
|
0 commit comments