Metadata-Version: 2.1
Name: kestrel-jupyter
Version: 1.0.3
Summary: Kestrel Jupyter Kernel
Home-page: https://github.com/IBM/kestrel-jupyter
License: Apache 2.0 License
Keywords: domain specific language,cyber threat hunting,extended detection and response
Platform: UNKNOWN
Classifier: Topic :: Security
Classifier: Operating System :: OS Independent
Classifier: License :: OSI Approved :: Apache Software License
Requires-Python: >=3.7
Description-Content-Type: text/x-rst
License-File: LICENSE
License-File: AUTHORS.rst

===============================
Kestrel Jupyter Notebook Kernel
===============================

.. image:: https://img.shields.io/pypi/v/kestrel-jupyter.svg
        :target: https://pypi.python.org/pypi/kestrel-jupyter

.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
   :target: https://github.com/psf/black

This repository contains two Python packages:

- ``kestrel_jupyter_kernel``
- ``kestrel_ipython``

Python Requirement
==================

This project and docs build on Python 3.

Install and Setup
=================

The easy and preferred way:

.. code-block:: console

    $ pip install kestrel-jupyter
    $ python -m kestrel_jupyter_kernel.setup

If you want to install from source code:

.. code-block:: console

    $ git clone git://github.com/opencybersecurityalliance/kestrel-jupyter
    $ cd kestrel-jupyter
    $ pip install .
    $ python -m kestrel_jupyter_kernel.setup

How to Use Kestrel Jupyter Notebook Kernel
==========================================

Start Jupyter with ``jupyter notebook`` and start a new notebook with kernel
``kestrel``. Note if you are using ``jupyter lab``, most functionalities are
there such as code execution, error prompot, and context-aware auto-complete,
but the syntax highlighting is not ported from our Jupyter Notebook environment
to Jupyter Lab yet.

Write your hello world hunt:

.. code-block:: elixir

    newvar = NEW process ["cmd.exe", "reg.exe"]
    DISP newvar

Check `Kestrel documentation`_ for more.

How to Use ipython Magic Function
=================================

.. code-block:: python

    import kestrel_ipython

Then you can write any code in single-line or multi-line Kestrel in Python:

.. code-block:: python

    %%kestrel
    newvar = NEW process ["cmd.exe", "reg.exe"]
    DISP newvar

Uninstall Kestrel Jupyter Kernel
================================

List all Jupyter kernels installed:

.. code-block:: console

    $ jupyter kernelspec list

Uninstall Kestrel kernel:

.. code-block:: console

    $ jupyter kernelspec uninstall kestrel

.. _Kestrel documentation: https://kestrel.readthedocs.io/


