def get_intrusion_window(adversary_path):
    """Return the (start, end) time window spanned by an adversary log.

    The file named by *adversary_path* is loaded from the fixed
    PythonScripts directory, its cyber and physical records are extracted
    and merged, and the 'Time' values of the first and last merged rows are
    converted to integer epoch seconds.

    Args:
        adversary_path: File name (relative to the PythonScripts directory)
            of the JSON log to load.

    Returns:
        A ``(start, end)`` tuple of ints produced by ``time.mktime``.
    """
    scripts_dir = 'C:/Users/substationc/Desktop/DataFusion/DataFusionApp/DataFusionApp/PythonScripts/'
    # NOTE(review): the name is appended without normalisation, so a value
    # containing '..' or a drive prefix would resolve outside scripts_dir.
    # Presumably callers pass a trusted bare file name; verify at call sites.
    log_path = scripts_dir + adversary_path

    fusion = DataFusion()
    fusion.load_json(log_path)
    fusion.extract_cyber_data()
    fusion.extract_physical_data()
    merged = fusion.merge()

    def _to_epoch(stamp):
        # time.mktime interprets the struct_time in the host's local
        # timezone, so the result depends on the machine running this.
        return int(time.mktime(stamp.timetuple()))

    # Assumes merge() returns rows in chronological order, so the first and
    # last rows bound the window. TODO confirm against DataFusion.merge.
    start = _to_epoch(merged.iloc[0]['Time'])
    end = _to_epoch(merged.iloc[-1]['Time'])
    return start, end
open('msgpack_' + sys.argv[1] + '_' + stage + '.mp', 'wb')) sys.exit() elif stage == '6': fusion.pcap_table = pd.read_pickle(pickle_path) fusion.merge_by_pcap() fusion.connect_to_elasticsearch('10.110.215.39') json_body = get_lucene_query(start_time, end_time) fusion.retrieve_packetbeat(json_body=json_body) fusion.extract_packetbeat() fusion.merge_packetbeat() fusion.process_snort(snort_path) fusion.merge_snort() #to_monitor ={'399':[5], '456':[18],'1195':[24],'1200':[27]} fusion.physical_table = fusion.extract_physical_data_with_values( to_monitor) # have to add the function in the class fusion.merge() fusion.merged_table = fusion.merged_table.drop(columns=['Time']) data_as_list = fusion.merged_table.values.tolist() mp.pack(data_as_list, open('msgpack_' + sys.argv[1] + '_' + stage + '.mp', 'wb')) sys.exit() elif stage == '7': fusion.pcap_table = pd.read_pickle(pickle_path) fusion.merge_by_pcap() fusion.connect_to_elasticsearch('10.110.215.39') json_body = get_lucene_query(start_time, end_time) fusion.retrieve_packetbeat(json_body=json_body) fusion.extract_packetbeat() fusion.merge_packetbeat() fusion.process_snort(snort_path) fusion.merge_snort()