noisedestroyers/StreamLens
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

working well, good docs. TUI.

Browse Source
This commit is contained in:
noisedestroyers
2025-07-25 19:42:33 -04:00
parent 4c6e23bff8
commit f75c757b12
5 changed files with 549 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
analyzer/main.py
View File

@@ -157,12 +157,17 @@ def print_console_results(analyzer: EthernetAnalyzer):
print(f"Update Frequency: {rt_stats.get('update_frequency', 'N/A')}")
print(f"\n=== FLOW STATISTICS ===")
flows_sorted = sorted(summary['flows'].values(), key=lambda x: x.frame_count, reverse=True)
flows_sorted = sorted(summary['flows'].values(), key=lambda x: (
analyzer.statistics_engine.get_max_sigma_deviation(x),
x.frame_count
), reverse=True)
for flow in flows_sorted:
max_sigma = analyzer.statistics_engine.get_max_sigma_deviation(flow)
print(f"\nFlow: {flow.src_ip} -> {flow.dst_ip}")
print(f" Packets: {flow.frame_count}")
print(f" Total Bytes: {flow.total_bytes:,}")
print(f" Max Sigma Deviation: {max_sigma:.2f}σ")
print(f" Protocols: {', '.join(flow.protocols)}")
if flow.detected_protocol_types:
print(f" Enhanced Protocols: {', '.join(flow.detected_protocol_types)}")
@@ -217,15 +222,20 @@ def generate_outlier_report(analyzer: EthernetAnalyzer, threshold_sigma: float):
print("DETAILED FLOW ANALYSIS")
print("=" * 80)
flows_sorted = sorted(summary['flows'].values(), key=lambda x: x.frame_count, reverse=True)
flows_sorted = sorted(summary['flows'].values(), key=lambda x: (
analyzer.statistics_engine.get_max_sigma_deviation(x),
x.frame_count
), reverse=True)
for flow_idx, flow in enumerate(flows_sorted, 1):
max_sigma = analyzer.statistics_engine.get_max_sigma_deviation(flow)
print(f"\n[FLOW {flow_idx}] {flow.src_ip} -> {flow.dst_ip}")
print("-" * 60)
# Flow summary
print(f"Total Packets: {flow.frame_count:,}")
print(f"Total Bytes: {flow.total_bytes:,}")
print(f"Max Sigma Deviation: {max_sigma:.2f}σ")
print(f"Protocols: {', '.join(flow.protocols)}")
if flow.detected_protocol_types:
print(f"Enhanced Protocols: {', '.join(flow.detected_protocol_types)}")