import streamlit as st
import requests
import csv
from io import StringIO

# Column headers an uploaded NetFlow CSV must contain. The schema check
# compares these against the CSV header row by exact string match.
required_columns = [
    "Flow duration",
    "Source port",
    "Destination port",
    "Total forward packets",
    "Total backward packets",
    "Avg forward segment size",
    "Avg backward segment size",
]

# Page header and upload instructions.
# NOTE(review): the description below promises a comparison against Sigma
# rules / MITRE ATT&CK patterns, but the code visible in this file only posts
# the rows to a sentence-embedding model and prints the raw response. Confirm
# whether the comparison step lives elsewhere or the wording should change.
page_title = "NetFlow Log Comparison Tool"
st.title(page_title)
st.write("Compare your NetFlow logs against Sigma rules or MITRE ATT&CK patterns using RAG.")

# Tell the user what a valid upload looks like before they pick a file.
upload_instructions = """
**Instructions:**
- Upload a CSV file with your NetFlow log data.
- Ensure that the file contains **all the required columns** listed below.
- You can upload **up to 5 rows** for analysis.
"""
st.markdown(upload_instructions)

# Show the exact header names the schema check expects.
st.write("### Required NetFlow Schema:")
schema_line = ", ".join(required_columns)
st.write(schema_line)

# Step 1: File Upload
# The uploader's type filter restricts by file extension only; the content is
# still untrusted and is parsed and schema-checked further down.
uploaded_file = st.file_uploader(
    label="Upload your NetFlow log sequence CSV file",
    type="csv",
)

# Step 2: User Token Input
# The token is collected in a masked field and is later sent as a Bearer
# credential to the inference endpoint; this script does not write it to the
# page.
hugging_face_api_token = st.text_input(
    label="Enter your Hugging Face API Token",
    type="password",
)
token_missing = not hugging_face_api_token
if token_missing:
    st.warning("Please provide a Hugging Face API Token to proceed.")

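# Step 3: Run Comparison if File Uploaded and Token Provided
if uploaded_file and hugging_face_api_token:
    # Parse the upload with the csv module. "utf-8-sig" decodes plain UTF-8
    # unchanged and also strips a leading byte-order mark, which would
    # otherwise become part of the first header name and make the schema
    # check report that column as missing.
    try:
        decoded_text = uploaded_file.getvalue().decode("utf-8-sig")
        reader = csv.DictReader(StringIO(decoded_text))
        csv_data = list(reader)
    except (UnicodeDecodeError, csv.Error) as e:
        # The upload is untrusted input: report a malformed file to the user
        # instead of letting the script fail with a traceback.
        reader = None
        csv_data = []
        st.error(f"Could not read the uploaded file as UTF-8 CSV: {e}")

    if reader is not None:
        # DictReader.fieldnames is None when the file has no header row, so
        # fall back to an empty list to keep the membership tests valid.
        fieldnames = reader.fieldnames or []

        # Display a few rows to the user
        st.write("Uploaded File:")
        for row in csv_data[:5]:
            st.write(row)

        # Check if the file has the required schema, then the row limit
        missing_columns = [col for col in required_columns if col not in fieldnames]
        if missing_columns:
            st.error(f"Missing columns: {', '.join(missing_columns)}")
        elif len(csv_data) > 5:
            st.error(f"File exceeds the row limit of 5. Your file contains {len(csv_data)} rows.")
        else:
            st.success("File contains all required columns and meets the row limit of 5.")

            # Prepare data for Hugging Face API call.
            # NOTE(review): each row is serialized in full, so any columns
            # beyond the required schema (for example addresses or host
            # names, if the export has them) are also sent to the external
            # endpoint. Consider restricting the payload to required_columns.
            input_texts = [str(row) for row in csv_data]

            # Step 4: Call Hugging Face API
            HUGGING_FACE_API_URL = "https://api-inference.huggingface.co/models/sentence-transformers/all-distilroberta-v1"
            headers = {"Authorization": f"Bearer {hugging_face_api_token}"}

            try:
                # requests applies no timeout by default; without one a
                # stalled endpoint would hang this session indefinitely.
                response = requests.post(
                    HUGGING_FACE_API_URL,
                    headers=headers,
                    json={"inputs": input_texts},
                    timeout=30,
                )
                response.raise_for_status()

                # Display the results
                st.write("### Comparison Results")
                comparison_results = response.json()
                st.write(comparison_results)

            except requests.exceptions.RequestException as e:
                st.error(f"Error calling Hugging Face API: {str(e)}")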

# Step 5: Survey Link
st.write("### Feedback Survey")
# NOTE(review): this URL ends in /prefill, which looks like a form-editor path
# rather than the respondent-facing one; confirm it opens for visitors who
# are not editors of the form.
st.write("We value your feedback. [Fill out our survey](https://docs.google.com/forms/d/1-P_7Uv5OphSWhTyoPuO0jjUQnYg_Hv5oVGBkhbg-H8g/prefill)")  # Replace with your survey link

# Footer: separator, attribution, logo, then the outbound links in order.
st.markdown("---")
st.write("This free site is maintained by DeepTempo.")
logo_path = ".streamlit/Final DeepTempo logo.png"  # Adjust the path as needed
logo_width = 300  # Adjust the width as needed
st.image(logo_path, width=logo_width)
for footer_link in (
    "[Visit DeepTempo.ai](https://deeptempo.ai)",
    "[Check out the underlying code on GitHub](https://github.com/deepsecoss)",
):
    st.write(footer_link)

# CSS to change link color to white.
# unsafe_allow_html=True makes Streamlit render this markup as raw HTML. That
# is acceptable here because the string is a fixed constant; never interpolate
# uploaded data or API responses into a string rendered this way.
link_style_css = """
    <style>
    a {
        color: white !important;
        text-decoration: underline; /* Optional: to keep the link recognizable */
    }
    </style>
    """
st.markdown(link_style_css, unsafe_allow_html=True)