-
Notifications
You must be signed in to change notification settings - Fork 318
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sentinel and Kusto new providers #656
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added provider_settings.py for global proxy config Add settings.py as a facade module for common setttings functions Added lazy_import function and generic functions for implementing dynamic __getattr__ and __dir__ functions for __init__ modules Added ability to create (partial) WorkspaceConfig from connection string. Moved MpConfigEdit and MpConfigFile to dynamic imports in config/__init__.py Changed MSSentinel import in ce_azure_sentinel.py to be imported on demand Extended _execute_query to extract and supply timespan parameters to driver query functions Removed deprecated imports or nbtools and sectools from nbinit.py Importing get_config to msticpy/__init__.py
Moving bokeh 3.0 requirements back to 2.4.3 for compat with panel.
- Adding to DataEnvironments and drivers/__init__.py Adding raw Kusto response test data
…lle/azure-kusto-driver-2023-04-04
…driver.py Implemented driver properties dictionary and use of DriverProps class to normalize naming in multiple drivers. Added code to allow driver to override environment name for reading queries.
Updated config documentation Fixed keyring_client.py test for valid backend Merged several global settings (proxies, http timeout) into "msticpy" section of config Added settings editor support for msticpy global settings in ce_msticpy.py Some Mypy fixes in file_browser.py Removed some commented-out code from query_source.py Added filtering for queries to query_source.py and data_providers.py - this allows individual kusto providers to show only queries that are relevant for the connected cluster. Additional test files and unit tests to support this. Added consistent support for proxy settings and timeout in azure_kusto_driver.py and azure_monitor_driver.py Updated setup.py, requirements-all.txt and conda-reqs.txt to add azure-kusto-data and azure-monitor-query packages. Added alternative to custom_mp_config test utility. This patches get_config calls in specified modules - more complex to set up but does not rely on a lock file, so allows more unit tests to run in parallel.
Change folder name for test_azure_monitor_driver.py (not sure why but seems to have an effect on linux)
…ub.com/microsoft/msticpy into ianhelle/azure-kusto-driver-2023-04-04
pylint check name change in azure_auth_core.py adding validate_config to settings.py added ability to get workspace using case-insensitive ws name, ID or key name in wsconfig.py removed some debugging lines from sentinel_utils.py suppressed pylint error in data_providers.py fixed field initializer in query_template.py adding more logging to azure_monitor_driver.py adding more logging to azure_kusto_driver.py removing matplotlib import in nbinit, simplifying config loading code if config is already loaded. Moving matplotlib to extra in requirements.txt, setup.py Black re-format of test_periodogram_polling_detector.py Added tests for WorkspaceConfig to test_wsconfig.py Fixed test_azure_monitor_driver.py to use consistent settings. Fixed test_nbinit.py to avoid using default loaded settings.
petebryan
approved these changes
May 5, 2023
Love it - great user experience here as its a near seamless update. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sentinel and Kusto provider updates
This change adds replacement drivers for the MSSentinel
and Kusto data providers.
Instead of Kqlmagic these drivers use the azure-kusto-data
and azure-monitor-query SDKs, respectively.
Currently these drivers are enabled alongside the existing versions
the defaults for Sentinel and Kusto respectively and,
ultimately, deprecate the older versions.
Some of the main changes with these new versions:
MSSentinel_New
andKusto_New
when creating a QueryProviderinstance.
a
timeout
parametersupport the
auth_types
andtenant_id
parameters used elsewherein MSTICPy
mp_az_auth
is replaced byauth_types
(the former still worksbut will be removed in a future release).
mp_az_auth_tenant_id
is replaced bytenant_id
(the formeris not supported in the new providers.
Note: in order to use these new versions you must have
the azure-kusto-data and/or azure-monitor-query Python packages
installed.
For more details on how to use these providers, see:
Changes specific to the Sentinel provider
MSSentinel_New
when creating a QueryProviderinstance.
Changes specific to the Kusto provider
Kusto_New
when creating a QueryProviderinstance.
is still supported albeit with some limited functionality).
See the Kusto provider documentation for details.
when executing a query. This is no longer supported. Once the
provider is connected to a cluster it will only execute queries against
that cluster. (You can however, call the connect() function to connect
the provider to a new cluster before running the query.)
definitions for the Kusto provider, these will all be attached as methods
the QueryProvider, when it is created. However, as soon as you connect
to a specific cluster, the queries will be filtered down to show
only the queries that are intended to run on that cluster.
msticpyconfig.yaml
can use the connect method to do this, which also lets you specify
additional connection parameters).
Related changes
the Kusto and Sentinel drivers but we will expand support to other
components in the near future
have been added to a msticpy.common.settings module. All settings-
related functionality will be added to this module.
to separate related functionality into mixin classes. Added ability
for a driver to supply a filtering function to show/hide query
functions based on criteria set by the driver.
Azure
setup extra.
Unrelated fixes in this Pull request
the current platform
browser component.
Documentation changes
Added:
Updated: