Russ McRee holisticinfosec

## WaitList.dat.ps1
Stop-Process -name "SearchIndexer" -force;Start-Sleep -m 500;Select-String -Path $env:USERPROFILE\AppData\Local\Microsoft\InputPersonalization\TextHarvester\WaitList.dat -Encoding unicode -Pattern "password"

## Decomposition_Anomalized_Downloads.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
security_access_logs %>%
  filter(server == "SERVER549521") %>%
  ungroup() %>%
  time_decompose(count) %>%
  anomalize(remainder) %>%
  plot_anomaly_decomposition() +
  labs(title = "Decomposition of Anomalized SERVER-549521 Downloads")

## SERVER-549521_Anomalies_STL+IQR.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
SERVER549521 %>%
  # STL + IQR Anomaly Detection
  time_decompose(count, method = "stl", trend = "4 months") %>%
  anomalize(remainder, method = "iqr") %>%
  time_recompose() %>%
  # Anomaly Visualization
  plot_anomalies(time_recomposed = TRUE) +
  labs(title = "SERVER-549521 Anomalies", subtitle = "STL + IQR Methods")

## SERVER-549521_Anomalies_Twitter+GESD.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
# Get only SERVER549521 access
SERVER549521 <- security_access_logs %>%
  filter(server == "SERVER-549521") %>%
  ungroup()
# Anomalize!!
SERVER549521 %>%
  # Twitter + GESD
  time_decompose(count, method = "twitter", trend = "4 months") %>%

## Security_Event_Log_Anomalies.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
security_access_logs %>%
  # Data Manipulation / Anomaly Detection
  time_decompose(count, method = "stl") %>%
  anomalize(remainder, method = "iqr") %>%
  time_recompose() %>%
  # Anomaly Visualization
  plot_anomalies(time_recomposed = TRUE, ncol = 3, alpha_dots = 0.25) +
  labs(title = "Security Event Log Anomalies", subtitle = "STL + IQR Methods")

## Server_Logon_Counts.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
library(tidyverse)
library(anomalize)
security_access_logs %>%
  ggplot(aes(date, count)) +
  geom_point(color = "#2c3e50", alpha = 0.25) +
  facet_wrap(~ server, scale = "free_y", ncol = 3) +
  theme_minimal() +
  theme(axis.text.x = element_text(angle = 30, hjust = 1)) +

## Security_Access_Logs_Function.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
library(dplyr)
library(tibbletime)
setwd("C:/coding/R/anomalize/")
logs <- read_csv("log.csv")
security_access_logs <- logs %>%
  group_by(server) %>%
  as_tbl_time(date)
security_access_logs

## keybase.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              0 comments
            
          
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                holisticinfosec
                / keybase.md
            
            
              Created Feb 22, 2018
            
              
                Keybase.io
              
          
        
      
        
    
      View keybase.md
  
    
  
    Keybase proof
I hereby claim:

I am holisticinfosec on github.
I am holisticinfosec (https://keybase.io/holisticinfosec) on keybase.
I have a public key ASAc1t0PISb-ZngqpjZbc97zLn6ThDLJZjGdRHLt6l3QCgo

To claim this, I am signing this object: