Apache Drill / DRILL-8289

Add Threat Hunting Functions

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Done
    • 1.21.0
    • 1.21.0
    • Functions - Drill
    • None

    Description

      1. Threat Hunting Functions
        These functions are useful for doing threat hunting with Apache Drill. These were inspired by huntlib.[1]

      The functions are:

      • `punctuation_pattern(<string>)`: Extracts the pattern of punctuation in text.
      • `entropy(<string>)`: This function calculates the Shannon Entropy of a given string of text.
      • `entropyPerByte(<string>)`: This function calculates the Shannon Entropy of a given string of text, normed for the string length.

      [1]: https://github.com/target/huntlib
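
The calculations behind the three functions, sketched in Python as an added example; this is not Drill's or huntlib's implementation. It assumes `entropyPerByte` means entropy divided by string length and that the punctuation pattern drops letters and digits and shows each whitespace run as `_`. The helpers `high_entropy` and `rare_shapes` and the sample data are constructed for illustration.

```python
import math
import re
from collections import Counter

def entropy(text):
    """Shannon entropy of the characters in text, in bits per character."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())

def entropy_per_byte(text):
    # Assumption: "normed for the string length" means entropy / length.
    return entropy(text) / len(text) if text else 0.0

def punctuation_pattern(text):
    # Assumption: drop ASCII letters and digits, show each whitespace run as "_".
    return re.sub(r"\s+", "_", re.sub(r"[A-Za-z0-9]", "", text))

def high_entropy(values, threshold):
    """Hypothetical helper: values whose entropy exceeds threshold."""
    return [v for v in values if entropy(v) > threshold]

def rare_shapes(lines, max_count=1):
    """Hypothetical helper: lines whose punctuation pattern is seen <= max_count times."""
    counts = Counter(punctuation_pattern(line) for line in lines)
    return [line for line in lines if counts[punctuation_pattern(line)] <= max_count]

# Constructed sample data, not taken from the issue.
SAMPLE_HOSTS = [
    "www.example.com",
    "mail.example.org",
    "x7f3kq9zb2m1v8c4.example.net",  # random-looking label raises the entropy
]
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.1",
    "GET /about.html HTTP/1.1",
    "GET /login.html HTTP/1.1",
    "GET /search?q=a&b=c;d HTTP/1.1",  # different punctuation shape from the rest
]

if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(f"{entropy(host):.3f}  {entropy_per_byte(host):.3f}  {host}")
    print("high entropy:", high_entropy(SAMPLE_HOSTS, 4.0))
    for line in SAMPLE_REQUESTS:
        print(f"{punctuation_pattern(line):12}  {line}")
    print("rare shapes:", rare_shapes(SAMPLE_REQUESTS))
```

Raw entropy grows with the number of distinct characters, so a fixed threshold such as the 4.0 used here only makes sense when comparing values of similar length and alphabet.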

          People

            cgivre Charles Givre