RunReveal customers can now access their security data using Jupyter Notebooks. Supporting this feature is possible because of our open platform and API design. We plan to natively support more integrations in the future because we want security teams to have their data accessible using the tools that work best for their use case.
Jupyter is a common tool that security teams use for storing queries, collecting evidence, and cleaning up the data to share with others. It's a really nice tool because it's simple to quickly create and share an application with others. Being able to write and share context alongside data makes Jupyter a favorite tool of incident responders.
Getting started with Jupyter
To get started with RunReveal and Jupyter you’ll need to install RunReveal’s open-source python package.
pip3 install runreveal
This package is purpose built to query your RunReveal data and create a dataframe so you can leverage the existing python data ecosystem to process your security data. Once you import the RunReveal class from the python package using
from runreveal import RunReveal, instantiations of the class will query your logs.
The RunReveal class constructor has two arguments, the first is the query you're running, and the second is a boolean that defaults to
True will generate a SQL query using an LLM.
We made sure that the RunReveal data works nicely with many of the existing dataviz tools and here's an example of what you can do.
But how does authentication and authorization work? The python package will attempt to read two environment variables from the environment.
RUNREVEAL_AUTH_TOKEN. Your RunReveal workspace is the workspace identifier that you find on the RunReveal account page, and you'll need to create a new API key on the account page as well.
RunReveal is making the best product for detection in the cloud and SaaS environments. We are hiring product engineers to help us build the sources, detections, and integrations our customers are asking for.
If you're interested in seeing a demo of the product, or helping build the future of detection, get in touch with RunReveal!
Sign up for email updates