Update src/streamlit_app.py

src/streamlit_app.py

@@ -265,8 +265,8 @@ with st.sidebar:
         
     st.subheader("💡 批量分析指令")
     analysis_prompt = st.text_area(
-        "針對每個 Log/Alert 執行的指令",
-        value="You are a security expert in charge of analyzing alerts related to Initial Access, Establish Foothold & Reconnaissance, Lateral Movement, Targeting & Data Exfiltration, Malware Deployment & Execution and Ransom & Negotiation. Respond with a clear, structured analysis using the following mandatory sections: \n\n- Priority: Provide the overall priority level. (Answer High-risk detected!, Medium-risk detected!, or Low-risk detected! only) \n- Explanation: If this alert is highly related to Initial Access, Establish Foothold & Reconnaissance, Lateral Movement, Targeting & Data Exfiltration, Malware Deployment & Execution and Ransom & Negotiation, explain the potential impact and why this specific alert requires attention. If not, **omit the explanation section**. \n- Action Plan: If this alert is highly related to Initial Access, Establish Foothold & Reconnaissance, Lateral Movement, Targeting & Data Exfiltration, Malware Deployment & Execution and Ransom & Negotiation, What should be the immediate steps to address this specific alert? If not, **omit the action plan section**. \n\nStrictly use the information in the provided Log and its correlated sequence.",
+        "針對每個 Log 執行的指令",
+        value="You are a security expert tasked with analyzing logs related to Initial Access, Establish Foothold & Reconnaissance, Lateral Movement, Targeting & Data Exfiltration, Malware Deployment & Execution and Ransom & Negotiation. Respond with a clear, structured analysis using the following mandatory sections: \n\n- Priority: Provide the overall priority level. (Answer High-risk detected!, Medium-risk detected!, or Normal-Behavior detected! only) \n- Explanation: If this log is not normal behavior, explain the potential impact and why this specific log requires attention. If not, **omit the explanation section**. \n- Action Plan: If this log is not normal behavior, What should be the immediate steps to address this specific log? If not, **omit the action plan section**.",
         height=200
     )
     st.markdown("此指令將對檔案中的**每一個 Log 條目**執行一次獨立分析 (使用 **IP 關聯視窗**)。")
@@ -675,7 +675,7 @@ if st.session_state.get("batch_results") and isinstance(st.session_state.batch_r
     with report_container:            
         # 顯示 High-Risk 報告的下載按鈕 (改為 CSV 邏輯)
         if high_risk_items:
-            st.success(f"✅ 檢測到 {len(high_risk_items)} 條高風險 Log/Alert。")
+            st.success(f"✅ 檢測到 {len(high_risk_items)} 條高風險 Log。")
                     
             # --- 構建 CSV 內容 ---
             csv_output = io.StringIO()
@@ -734,7 +734,7 @@ if st.session_state.get("batch_results") and isinstance(st.session_state.batch_r
             download_url = create_download_link(csv_content, 'high_risk_report')
             st.markdown(download_url, unsafe_allow_html=True)
         if medium_risk_items:
-            st.success(f"✅ 檢測到 {len(medium_risk_items)} 條中風險 Log/Alert。")
+            st.success(f"✅ 檢測到 {len(medium_risk_items)} 條中風險 Log。")
                         
             # --- 構建 CSV 內容 ---
             csv_output = io.StringIO()
@@ -792,5 +792,5 @@ if st.session_state.get("batch_results") and isinstance(st.session_state.batch_r
             download_url = create_download_link(csv_content, 'medium_risk_report')
             st.markdown(download_url, unsafe_allow_html=True)
         else:
-            st.info("👍 未檢測到任何標註為 High-risk detected 的 Log/Alert。")
+            st.info("👍 未檢測到任何標註為 High-risk detected 的 Log。")