notebook.community

Edit and run



In [6]:

    
import logging
logger = logging.getLogger()
logger.setLevel(logging.DEBUG)
logging.debug("Logger active")









    



DEBUG:root:Logger active



In [7]:

    
from pyvast import VAST
import pyarrow



In [8]:

    
vast = VAST()









    



DEBUG:vast:VAST client configured to use endpoint localhost:42000



In [9]:

    
await vast.test_connection()









    Out[9]:





True



In [12]:

    
stdout, stderr = await vast.export().arrow("#type == \"zeek.conn\"").exec()
reader = pyarrow.ipc.open_stream(stdout)
data = reader.read_all()









    



DEBUG:vast:Executing call stack: ['export', 'arrow', '#type == "zeek.conn"']



In [13]:

    
data.shape









    Out[13]:





(8505, 22)



In [14]:

    
import pandas
df = data.to_pandas()



In [15]:

    
df.describe()









    Out[15]:







  
    
      
      duration
      orig_bytes
      resp_bytes
      missed_bytes
      orig_pkts
      orig_ip_bytes
      resp_pkts
      resp_ip_bytes
    
  
  
    
      count
      8.015000e+03
      8015.000000
      8.015000e+03
      8.505000e+03
      8505.000000
      8.505000e+03
      8505.000000
      8.505000e+03
    
    
      mean
      2.252200e+10
      690.684966
      7.096001e+04
      1.085233e+03
      29.415168
      1.910043e+03
      73.109347
      9.950322e+04
    
    
      std
      7.624190e+11
      5123.660370
      2.111800e+06
      3.424093e+04
      1116.924997
      4.636414e+04
      2399.197504
      3.376332e+06
    
    
      min
      1.000000e+03
      0.000000
      0.000000e+00
      0.000000e+00
      0.000000
      0.000000e+00
      0.000000
      0.000000e+00
    
    
      25%
      2.891650e+07
      35.000000
      9.900000e+01
      0.000000e+00
      1.000000
      6.400000e+01
      1.000000
      8.800000e+01
    
    
      50%
      2.028740e+08
      154.000000
      2.290000e+02
      0.000000e+00
      2.000000
      2.290000e+02
      1.000000
      2.550000e+02
    
    
      75%
      2.248884e+09
      573.500000
      4.560000e+02
      0.000000e+00
      6.000000
      9.590000e+02
      5.000000
      6.560000e+02
    
    
      max
      6.438000e+13
      298738.000000
      1.574847e+08
      2.493440e+06
      100548.000000
      4.140066e+06
      203934.000000
      2.865861e+08



In [ ]:

	duration	orig_bytes	resp_bytes	missed_bytes	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes
count	8.015000e+03	8015.000000	8.015000e+03	8.505000e+03	8505.000000	8.505000e+03	8505.000000	8.505000e+03
mean	2.252200e+10	690.684966	7.096001e+04	1.085233e+03	29.415168	1.910043e+03	73.109347	9.950322e+04
std	7.624190e+11	5123.660370	2.111800e+06	3.424093e+04	1116.924997	4.636414e+04	2399.197504	3.376332e+06
min	1.000000e+03	0.000000	0.000000e+00	0.000000e+00	0.000000	0.000000e+00	0.000000	0.000000e+00
25%	2.891650e+07	35.000000	9.900000e+01	0.000000e+00	1.000000	6.400000e+01	1.000000	8.800000e+01
50%	2.028740e+08	154.000000	2.290000e+02	0.000000e+00	2.000000	2.290000e+02	1.000000	2.550000e+02
75%	2.248884e+09	573.500000	4.560000e+02	0.000000e+00	6.000000	9.590000e+02	5.000000	6.560000e+02
max	6.438000e+13	298738.000000	1.574847e+08	2.493440e+06	100548.000000	4.140066e+06	203934.000000	2.865861e+08