def help_cluster_hosts_dbscan():
"""Print help for cluster_hosts_dbscan command"""
colorize_log(
'usage', """cluster_hosts_dbscan [min_samples] [max_dist] [metric]
tmin_samples : minimum number of hosts to form a cluster
tmax_dist : maximum distance between two hosts to form a cluster
tmetric : can be "cityblock", "euclidean", "l1", "l2" or "manhattan" """)
def preloop(self):
context = Context()
colorize_log('info', 'Initialization')
self._build_filter(raw_input('Filter > '))
colorize_log('info', 'Reading database..')
context.dfilter = self._dfilter
context.init_hosts()
self.push(context)
def preloop(self):
context = Context()
colorize_log('info', 'Initialization')
self._build_filter(raw_input('Filter > '))
colorize_log('info', 'Reading database..')
context.dfilter = self._dfilter
context.init_hosts()
self.push(context)
def do_remove_clusters(self, line):
"""Remove provided clusters"""
try:
cluster_labels = [int(idx) for idx in line.split()]
if not cluster_labels:
raise ValueError()
except ValueError:
self.help_select_clusters()
return
try:
self.push(self.get_context().remove_clusters(cluster_labels))
except (RuntimeError, AttributeError):
colorize_log('warning', 'Cluster hosts first.')
def do_remove_clusters(self, line):
"""Remove provided clusters"""
try:
cluster_labels = [int(idx) for idx in line.split()]
if not cluster_labels:
raise ValueError()
except ValueError:
self.help_select_clusters()
return
try:
self.push(self.get_context().remove_clusters(cluster_labels))
except (RuntimeError, AttributeError):
colorize_log('warning', 'Cluster hosts first.')
def postloop(self):
colorize_log('info', 'Leaving..')
def help_plot3d():
"""Print help for do_plot3d command"""
colorize_log('usage', 'plot3d\n\tPlot hosts in three dimensions')
def help_search_anomalies():
"""Print help for search_anomalies command"""
colorize_log(
'usage', """search_anomalies [N|N%]
tSearch N (or N%) most abnormal hosts""")
def help_select_centers():
"""Print help for do_select_centers command"""
colorize_log('usage', 'select_centers\n\tSelect cluster centers')
def help_remove_anomalies():
"""Print help for do_remove_anomalies command"""
colorize_log('usage', """remove_anomalies
tRemove anomalies from context""")
def help_count():
"""Help for do_count command"""
colorize_log('usage', 'count\n\tPrint host count to sdout')
def help_cluster_hosts_kmeans():
"""Print help for cluster_hosts_kmeans command"""
colorize_log('usage', """cluster_hosts_kmeans [nb_clusters]
tCluster hosts in [nb_clusters] groups using KMeans algorithm""")
def help_search_anomalies():
"""Print help for search_anomalies command"""
colorize_log('usage', """search_anomalies [N|N%]
tSearch N (or N%) most abnormal hosts""")
def help_display_hosts():
"""Print help for do_display_hosts command"""
colorize_log('usage', """display_hosts
tReturn current context host(s) ObjectID(s)""")
def help_select_centers():
"""Print help for do_select_centers command"""
colorize_log('usage', 'select_centers\n\tSelect cluster centers')
def help_select_anomalies():
"""Print help for do_select_anomalies command"""
colorize_log('usage', """select_anomalies
tRemove NON-anomalies from context""")
def help_remove_anomalies():
"""Print help for do_remove_anomalies command"""
colorize_log('usage', """remove_anomalies
tRemove anomalies from context""")
def help_cluster_hosts_dbscan():
"""Print help for cluster_hosts_dbscan command"""
colorize_log('usage', """cluster_hosts_dbscan [min_samples] [max_dist] [metric]
tmin_samples : minimum number of hosts to form a cluster
tmax_dist : maximum distance between two hosts to form a cluster
tmetric : can be "cityblock", "euclidean", "l1", "l2" or "manhattan" """)
def do_select_centers(self, _):
"""Select cluster centers"""
try:
self.push(self.get_context().select_cluster_centers())
except (RuntimeError, AttributeError):
colorize_log('warning', 'Cluster hosts first.')
def help_select_clusters():
"""Print help for select_clusters command"""
colorize_log('usage', """select_clusters c1 [c2 [c3..]]
tSelect clusters c1, c2, c3.. for further analysis
tEnter -1 for noise if DBSCAN clusterring""")
def help_plot3d():
"""Print help for do_plot3d command"""
colorize_log('usage', 'plot3d\n\tPlot hosts in three dimensions')
def help_remove_clusters():
"""Print help for remove_clusters command"""
colorize_log('usage', """remove_clusters c1 [c2 [c3..]]
tRemove clusters c1, c2, c3.. from current context
tEnter -1 for noise if DBSCAN clusterring""")
def help_select_anomalies():
"""Print help for do_select_anomalies command"""
colorize_log(
'usage', """select_anomalies
tRemove NON-anomalies from context""")
def do_select_centers(self, _):
"""Select cluster centers"""
try:
self.push(self.get_context().select_cluster_centers())
except (RuntimeError, AttributeError):
colorize_log('warning', 'Cluster hosts first.')
def help_display_hosts():
"""Print help for do_display_hosts command"""
colorize_log(
'usage', """display_hosts
tReturn current context host(s) ObjectID(s)""")
def help_remove_clusters():
"""Print help for remove_clusters command"""
colorize_log(
'usage', """remove_clusters c1 [c2 [c3..]]
tRemove clusters c1, c2, c3.. from current context
tEnter -1 for noise if DBSCAN clusterring""")
def help_cluster_hosts_kmeans():
"""Print help for cluster_hosts_kmeans command"""
colorize_log(
'usage', """cluster_hosts_kmeans [nb_clusters]
tCluster hosts in [nb_clusters] groups using KMeans algorithm""")
def help_count():
"""Help for do_count command"""
colorize_log('usage', 'count\n\tPrint host count to sdout')
def help_select_clusters():
"""Print help for select_clusters command"""
colorize_log(
'usage', """select_clusters c1 [c2 [c3..]]
tSelect clusters c1, c2, c3.. for further analysis
tEnter -1 for noise if DBSCAN clusterring""")
def postloop(self):
colorize_log('info', 'Leaving..')
def do_count(self, _):
"""Print host count to stdout"""
colorize_log('info', "Number of hosts:\n\t%s" % '\n\t'.join(
'%s:\t%s' % (key, value)
for key, value in self.get_context().count().iteritems()
))
def do_select_anomalies(self, _):
"""Select anomalies from hosts"""
try:
self.push(self.get_context().select_anomalies())
except (RuntimeError, AttributeError):
colorize_log('warning', 'Search anomalies first.')
def do_count(self, _):
"""Print host count to stdout"""
colorize_log(
'info', "Number of hosts:\n\t%s" % '\n\t'.join(
'%s:\t%s' % (key, value)
for key, value in self.get_context().count().iteritems()))
def do_select_anomalies(self, _):
"""Select anomalies from hosts"""
try:
self.push(self.get_context().select_anomalies())
except (RuntimeError, AttributeError):
colorize_log('warning', 'Search anomalies first.')
