The ZAT Python package supports the processing and analysis of Zeek data with Pandas, scikit-learn, and Spark
- Renamed to Zeek Analysis Tools :)
- Better Docs (https://supercowpowers.github.io/zat/)
- Faster/Smaller Pandas Dataframes for large log files: Large Dataframes
- Better Panda Dataframe to Matrix (ndarray) support: Dataframe To Matrix
- Scalable conversion from Zeek logs to Parquet: Zeek to Parquet
- Vastly improved Spark Dataframe Class: Zeek to Spark
- Updated/improved Notebooks: Analysis Notebooks
Data Analysis, Machine Learning, Bro, and You! (Video)
Zeek already has a flexible, powerful scripting language why should I use ZAT?
Offloading: Running complex tasks like statistics, state machines, machine learning, etc.. should be offloaded from Zeek so that Zeek can focus on the efficient processing of high volume network traffic.
Data Analysis: We have a large set of support classes that help bridge from raw Zeek data to packages like Pandas, scikit-learn, and Spark. We also have example notebooks that show step-by-step how to get from here to there.
- Zeek to Scikit-Learn
- Zeek to Parquet
- Zeek to Spark
- Spark Clustering
- Zeek to Kafka
- Zeek to Kafka to Spark
- Clustering: Picking K (or not)
- Anomaly Detection Exploration
- Risky Domains Stats and Deployment
- Zeek to Matplotlib
$ pip install zat
https://supercowpowers.github.io/zat/
The company was formed so that its developers could follow their passion for Python, streaming data pipelines and having fun with data analysis. We also think cows are cool and should be superheros or at least carry around rayguns and burner phones. Visit SuperCowPowers