Add short documentation to modules

Notebooks/SentinelUtilities/SentinelAnomalyLookup/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelAnomalyLookup: This package is developed for Azure Sentinel Anomaly lookup
+"""
+
 # __init__.py
 from .anomaly_lookup import *
 from .anomaly_lookup_view_helper import *

Notebooks/SentinelUtilities/SentinelAnomalyLookup/anomaly_lookup.py

@@ -1,3 +1,9 @@
+"""
+Anomaly Lookup:
+This module provides process flow functions for anomaly lookup.  Method - run is the main entry point.
+It has dependency on .NET library: Microsoft.Azure.CIS.Notebooks.AnomalyLookup.
+"""
+
 import clr
 clr.AddReference("System")
 clr.AddReference('Newtonsoft.Json')

Notebooks/SentinelUtilities/SentinelAnomalyLookup/anomaly_lookup_view_helper.py

@@ -1,3 +1,8 @@
+"""
+Anomaly Lookup View Helper:
+This module provides helper methods for UI components.
+"""
+
 import os
 import ipywidgets as widgets
 from ipywidgets import Button, GridBox, Layout, ButtonStyle, IntProgress

Notebooks/SentinelUtilities/SentinelAzure/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelAzure: This package is developed for initializing and manipulating Python client objects of Azure Resource Management
+"""
+
 # __init__.py
 from .azure_aad_helper import *
 from .azure_compute_helper import *

Notebooks/SentinelUtilities/SentinelAzure/azure_aad_helper.py

@@ -1,3 +1,8 @@
+"""
+Azure AAD Helper:
+This module provides helper methods to authenticate users into ARM using either 'servivce principal' or 'user id/password'.
+"""
+
 from azure.common.credentials import ServicePrincipalCredentials
 from azure.common.credentials import UserPassCredentials
 from azure.mgmt.resource import ResourceManagementClient

Notebooks/SentinelUtilities/SentinelAzure/azure_compute_helper.py

@@ -1,3 +1,9 @@
+"""
+Azure Compute Helper:
+This module provides helper methods to initialize and manipulate ComputeClient object.
+VM, VM Extension, and VM snapshots are the focal points.
+"""
+
 from azure.mgmt.compute.models import DiskCreateOption
 from azure.mgmt.compute import ComputeManagementClient
 import azure.mgmt.compute.models

Notebooks/SentinelUtilities/SentinelAzure/azure_loganalytics_helper.py

@@ -1,3 +1,9 @@
+"""
+Azure LogAnalytics Helper:
+This module provides helper methods to initialize and manipulate LogAnalyticsManagementClient object.
+Workspace is the focal point.
+"""
+
 from azure.mgmt.loganalytics import LogAnalyticsManagementClient
 
 class LogAnalyticsHelper(object):

Notebooks/SentinelUtilities/SentinelAzure/azure_network_helper.py

@@ -1,3 +1,8 @@
+"""
+Azure Network Helper:
+This module provides helper methods to initialize and manipulate NetworkManagementClient object.
+"""
+
 from azure.mgmt.network import NetworkManagementClient
 
 class NetworkHelper:

Notebooks/SentinelUtilities/SentinelAzure/azure_resource_helper.py

@@ -1,3 +1,9 @@
+"""
+Azure Resource Helper:
+This module provides helper methods to initialize and manipulate ResourceManagementClient object.
+Resource Group is the focal point.
+"""
+
 from azure.mgmt.resource import ResourceManagementClient
 
 class ResourceHelper:

Notebooks/SentinelUtilities/SentinelAzure/azure_storage_helper.py

@@ -1,3 +1,9 @@
+"""
+Azure Storage Helper:
+This module provides helper methods to initialize and manipulate StorageManagementClient object.
+Storage account and blob service are the focal points.
+"""
+
 from datetime import *
 import time
 import azure.mgmt.storage.models

Notebooks/SentinelUtilities/SentinelGitHub/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelGitHub: This package is developed for GitHub related functionalities.
+"""
+
 # __init__.py
 from .github_helper import *
 from .query_helper import *

Notebooks/SentinelUtilities/SentinelGitHub/github_helper.py

@@ -1,3 +1,8 @@
+"""
+GitHub Helper:
+This module provides helper methods to access content in GitHub.
+"""
+
 import requests
 import json
 class GitHubHelper(object):

Notebooks/SentinelUtilities/SentinelGitHub/query_helper.py

@@ -1,3 +1,8 @@
+"""
+Query Helper:
+This module returns constructed Kusto queries (KQL).
+"""
+
 import json
 class QueryHelper(object):
     

Notebooks/SentinelUtilities/SentinelLog/__init__.py

@@ -1,2 +1,6 @@
+"""
+SentinelLog: This package provides log functionalities.
+"""
+
 # __init__.py
 from .log_helper import *

Notebooks/SentinelUtilities/SentinelLog/log_helper.py

@@ -1,3 +1,9 @@
+"""
+Log Helper:
+This module provides log functionalities through Azure Application Insights.
+It has dependency on .NET library: Microsoft.Azure.CIS.Notebooks.LogHelper
+"""
+
 import clr
 clr.AddReference('Microsoft.Azure.CIS.Notebooks.LogHelper')
 clr.AddReference('Microsoft.ApplicationInsights')

Notebooks/SentinelUtilities/SentinelPlot/__init__.py

@@ -1,2 +1,6 @@
+"""
+SentinelPlot: This package provides helper functionalities to plot charts
+"""
+
 # __init__.py
 from .plot_helper import *

Notebooks/SentinelUtilities/SentinelPlot/plot_helper.py

@@ -1,3 +1,8 @@
+"""
+Plot Helper:
+This module provides plot functionalities through various Python plot packages.
+"""
+
 import matplotlib.pyplot as plt
 import numpy as np
 import matplotlib.dates as mdates

Notebooks/SentinelUtilities/SentinelRegi/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelRegi: This package is developed for viewing registry entries by leveraging ipywidgets, using MVC pattern
+"""
+
 # __init__.py
 from .regi_helper import *
 from .regi_view_helper import *

Notebooks/SentinelUtilities/SentinelRegi/regi_controller.py

@@ -1,3 +1,8 @@
+"""
+Regi Controller:
+This controller module takes user actions and renders corresponding widgets.
+"""
+
 import pandas as pd
 from IPython.display import display, HTML
 import ipywidgets as widgets

Notebooks/SentinelUtilities/SentinelRegi/regi_helper.py

@@ -1,3 +1,8 @@
+"""
+MFT Helper:
+This module is built on the top of Python Registry. It knows the registry data object.
+"""
+
 from Registry import Registry
 from Registry.RegistryParse import ParseException
 

Notebooks/SentinelUtilities/SentinelRegi/regi_view_helper.py

@@ -1,3 +1,8 @@
+"""
+Regi View Helper:
+This module provides helper methods for UI components.
+"""
+
 import ipywidgets as widgets
 from ipywidgets import Button, GridBox, Layout, ButtonStyle, IntProgress
 

Notebooks/SentinelUtilities/SentinelUtils/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelUtils: This package provides utility methods in general
+"""
+
 # __init__.py
 from .config_reader import ConfigReader
 from .version_management import *

Notebooks/SentinelUtilities/SentinelUtils/config_reader.py

@@ -1,3 +1,8 @@
+"""
+Config Reader:
+This module is used to read JSON config file populated by Azure Notebooks API.
+"""
+
 import json
 class ConfigReader:
     def read_config_values(filePath):

Notebooks/SentinelUtilities/SentinelUtils/version_management.py

@@ -1,3 +1,8 @@
+"""
+Version Management:
+This module is used to validate installed Python packages that are required by Azure Sentinel Notebooks.
+"""
+
 import sys
 import pkg_resources
 from pkg_resources import DistributionNotFound, VersionConflict

Notebooks/SentinelUtilities/SentinelVhd/__init__.py

@@ -1,3 +1,7 @@
+"""
+SentinelVHD: This package is developed for viewing MFT entries by leveraging ipywidgets, using MVC pattern
+"""
+
 # __init__.py
 from .file_helper import *
 from .mft_helper import *

Notebooks/SentinelUtilities/SentinelVhd/file_helper.py

@@ -1,3 +1,10 @@
+"""
+File Helper:
+This module provides helper methong to download and display files
+
+It has dependency on .NET library for downloading files.
+"""
+
 import clr
 clr.AddReference("System")
 clr.AddReference("System.Collections")

Notebooks/SentinelUtilities/SentinelVhd/mft_helper.py

@@ -1,3 +1,25 @@
+"""
+MFT Helper:
+This module is consisted of 3 classes:
+    MFT Helper which knows MFT, 
+    MFT controller which takes user actions and renders corresponding widgets, and 
+    MFT Model Helper which knows the MFT data object.
+
+It has dependency on .NET libraries:
+System
+System.Collections
+System.Runtime
+Microsoft.Azure.Storage.Common
+Microsoft.Azure.Storage.Blob
+Microsoft.Azure.KeyVault.Core
+Newtonsoft.Json
+Microsoft.Azure.CIS.DiskLib
+Microsoft.Azure.CIS.DiskLib.Ntfs
+Microsoft.Azure.CIS.DiskLib.Vhd
+Microsoft.Azure.CIS.DiskLib.Vhd.Accessors
+PyHelper
+"""
+
 import clr
 clr.AddReference("System")
 clr.AddReference("System.Collections")

Notebooks/SentinelUtilities/SentinelVhd/mft_view_helper.py

@@ -1,3 +1,8 @@
+"""
+MFT View Helper:
+This module provides helper methods for UI components.
+"""
+
 import ipywidgets as widgets
 from ipywidgets import Button, GridBox, Layout, ButtonStyle, IntProgress
 

Notebooks/SentinelUtilities/SentinelWidgets/__init__.py

@@ -1,2 +1,6 @@
+"""
+SentinelWidgets: This package provides helper functionalities for UI comonents.
+"""
+
 # __init__.py
 from .widget_view_helper import *

Notebooks/SentinelUtilities/SentinelWidgets/widget_view_helper.py

@@ -1,3 +1,8 @@
+"""
+Widget View Helper:
+This module provides helper methods for UI controls and components.
+"""
+
 import os
 import ipywidgets as widgets
 from ipywidgets import Button, GridBox, Layout, ButtonStyle, IntProgress
@@ -73,14 +78,14 @@ class WidgetViewHelper(object):
     def get_vm_extension_properties(os_type, upload_container_path, user_id = None):
         if os_type == 'Windows':
             command_to_execute = 'powershell -File installNotebookExtension.ps1 "{0}" >> out.txt'.format(upload_container_path)
-            file_list = ['https://pinotebookresults.blob.core.windows.net/results/installNotebookExtension.ps1?sp=r&st=2019-03-28T21:34:09Z&se=2019-06-01T05:34:09Z&spr=https&sv=2018-03-28&sig=83jlp%2Fr%2BVcuGRLRij6jssqMerCgkk2pp0s007sLUPpM%3D&sr=b', 'https://pinotebookresults.blob.core.windows.net/results/piextension.zip?sp=r&st=2019-03-28T21:44:08Z&se=2019-06-01T05:44:08Z&spr=https&sv=2018-03-28&sig=UoBRXLRK9C4xurBjYu%2FkqqlkjCSi%2B3FlmFiWcsqlu6E%3D&sr=b']
+            file_list = ['https://sentinelnotebooks.blob.core.windows.net/piwindowsstorage/installNotebookExtension.ps1', 'https://sentinelnotebooks.blob.core.windows.net/piwindowsstorage/piextension.zip']
         elif os_type == 'Linux':
             command_to_execute = './piondemand.sh "' + upload_container_path + '"'
-            file_list = ['https://pilinuxstorage.blob.core.windows.net/release/ondemand/stable/piondemand.sh?sp=r&st=2019-06-05T20:44:53Z&se=2020-01-06T05:44:53Z&spr=https&sv=2018-03-28&sig=2fBkG2dWLDcguLtWyQzFapYSaLUxzT9AnZRiW4sdg38%3D&sr=b','https://pilinuxstorage.blob.core.windows.net/release/ondemand/stable/pilinux.ondemand.tar.bz2?sp=r&st=2019-06-05T20:43:37Z&se=2020-01-05T05:43:37Z&spr=https&sv=2018-03-28&sig=7%2FpyH4kR5%2B1Kf0uaftnhpFFy57Yzx32VUGumxmdNmtI%3D&sr=b']
+            file_list = ['https://sentinelnotebooks.blob.core.windows.net/pilinuxstorage/piondemand.sh','https://sentinelnotebooks.blob.core.windows.net/pilinuxstorage/release/ondemand/stable/pilinux.ondemand.tar.bz2']
 
         elif os_type == 'DSVM':
             command_to_execute = './azureforensics.sh {0}'.format(user_id)
-            file_list = ['https://pilinuxstorage.blob.core.windows.net/forensicsnotebooks/azureforensics.sh?sp=r&st=2019-06-05T20:56:53Z&se=2020-01-06T05:56:53Z&spr=https&sv=2018-03-28&sig=uKHb3fR%2FB7%2BgAwhn0uSeqh4f73jaEyQWO4D%2FWVy3BwM%3D&sr=b','https://pilinuxstorage.blob.core.windows.net/forensicsnotebooks/vhdexplorer.tar?sp=r&st=2019-06-05T20:57:46Z&se=2020-01-06T05:57:46Z&spr=https&sv=2018-03-28&sig=AzcecrNydEIuVKNkAimc6MnCGIjjdh4X6dn5oi30ixM%3D&sr=b']
+            file_list = ['https://sentinelnotebooks.blob.core.windows.net/forensicsnotebooks/azureforensics.sh','https://sentinelnotebooks.blob.core.windows.net/forensicsnotebooks/vhdexplorer.tar']
 
         return command_to_execute, file_list
 

Notebooks/SentinelUtilities/setup.py

@@ -15,7 +15,7 @@ with open("LICENSE.txt", "r") as fh:
 
 setuptools.setup(
     name="Azure-Sentinel-Utilities",
-    version="0.1.120",
+    version="0.1.125",
     author="Azure Sentinel Notebooks Devs",
     author_email="zhzhao@microsoft.com",
     description="AZURE SENTINEL NOTEBOOKS PYTHON TOOLS: This package is developed to support Azure Sentinel Notebooks.  It is in an early preview stage so please provide feedback, report bugs, and suggets for new features.",