Commit
·
a6d49bf
1
Parent(s):
a24a6b2
Add more info
Browse files- sections/analyze.py +47 -4
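--- a/sections/analyze.py
+++ b/sections/analyze.py
@@ -15,11 +15,13 @@ if st.session_state.parsed_df is None:
 data = st.session_state.parsed_df
 
 # Créer les onglets principaux
-tab1, tab2 = st.tabs(
+tab1, tab2, tab3, tab4 = st.tabs(
+["Dataviz", "Analysis", "Foreign IP addresses", "Sankey"]
+)
 
 # Onglet Analysis
 with tab1:
-st.subheader("
+st.subheader("Dataviz")
 
 # Vérifier que la colonne timestamp existe et est bien de type datetime
 if "timestamp" in data.columns and data["timestamp"].dtype == pl.Datetime:
@@ -134,13 +136,54 @@ with tab1:
 
 # Affichage des données filtrées
 st.write(f"### 🔍 Data filtered : {filtered_data.shape[0]} entries")
-st.dataframe(filtered_data)
+st.dataframe(filtered_data, use_container_width=True)
 
 else:
 st.warning(
 "The 'timestamp' column does not exist or is not in datetime format."
 )
 
-# Onglet
+# Onglet Analysis
 with tab2:
+st.subheader("Analysis")
+
+# Afficher ici le top 10 des ports inférieurs à 1024 avec accès autorisé
+st.write(
+"### 🔢 Top 10 ports with authorized access"
+" (portdst < 1024 and action == 'PERMIT')"
+)
+top_ports = (
+data.filter((pl.col("portdst") < 1024) & (pl.col("action") == "PERMIT"))
+.group_by("portdst")
+.agg(pl.count("portdst").alias("count"))
+.sort("count", descending=True)
+.head(10)
+)
+st.dataframe(top_ports, use_container_width=True)
+
+# Afficher ici le top 5 des IP sources les plus émettrices
+st.write("### 🌐 Top 5 emitting IP addresses (ipsource and action == 'PERMIT')")
+top_ips = (
+data.filter(pl.col("action") == "PERMIT")
+.group_by("ipsrc")
+.agg(pl.count("ipsrc").alias("count"))
+.sort("count", descending=True)
+.head(5)
+)
+st.dataframe(top_ips, use_container_width=True)
+
+
+# Onglet Foreign IP addresses
+with tab3:
+# Afficher ici la liste des accès hors plan d’adressage universitaire
+st.write("### 🚫 List of access outside the university network")
+external_access = data.filter(
+~pl.col("ipdst").cast(pl.Utf8).str.contains(r"^192\.168\.")
+& ~pl.col("ipdst").cast(pl.Utf8).str.contains(r"^10\.79\.")
+& ~pl.col("ipdst").cast(pl.Utf8).str.contains(r"^159\.84\.")
+)
+st.dataframe(external_access, use_container_width=True)
+
+# Onglet Sankey
+with tab4:
 st.subheader("Sankey Diagram")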
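Review bot: In the `with tab3:` block, rows whose `ipdst` is null appear to be dropped from the "outside the university network" table, because `str.contains` yields null for them and `filter` keeps only rows that evaluate to true; for a triage view, an entry with a missing destination is worth surfacing rather than hiding. Building the internal-range test once and defaulting nulls makes that explicit: `internal = pl.col("ipdst").cast(pl.Utf8).str.contains(r"^(?:192\.168|10\.79|159\.84)\.")` followed by `external_access = data.filter(~internal.fill_null(False))`. The new `tab2` and `tab3` code also reads `portdst`, `action`, `ipsrc` and `ipdst` without the kind of column check `tab1` applies to `timestamp`, so a parsed log lacking one of them would raise instead of showing a warning; a guard such as `if {"portdst", "action", "ipsrc", "ipdst"} <= set(data.columns):` would match the existing pattern. The `with tab4:` body continues past the end of the hunk.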