sky-meilin's picture
Create EventClassificationEngineV1/app.py
b7439d7 verified
Raw
History Blame Contribute Delete
1.14 kB
import gradio as gr
import re
def classify_event(log_line):
log = log_line.lower()
# DEFAULT
event_type = "unknown"
risk = "low"
# AUTH / NETWORK
if "authenticated" in log:
event_type = "authentication"
risk = "low"
elif "dhcp" in log:
event_type = "network_management"
risk = "low"
elif "handshake" in log:
event_type = "connection_established"
risk = "low"
# SECURITY EVENTS
elif "packet filtered" in log:
event_type = "firewall_action"
risk = "medium"
elif "port scan" in log:
event_type = "reconnaissance_attack"
risk = "high"
# OUTPUT STRUCTURE
return {
"raw_log": log_line,
"event_type": event_type,
"risk_level": risk,
"status": "analyzed"
}
def nexus_security(input_text):
lines = input_text.split("\n")
return [classify_event(line) for line in lines]
gr.Interface(
fn=nexus_security,
inputs=gr.Textbox(lines=10, label="Security Logs"),
outputs=gr.JSON(label="Security Analysis"),
title="Nexus Security Dashboard"
).launch()