Merge branch 'main' of github.com:alexott/databricks-cybersecurity-playground

alexott · alexott · commit b09912275303 · 2025-02-24T12:39:48.000+01:00
diff --git a/README.md b/README.md
@@ -1,2 +1,6 @@
 # databricks-cybersecurity-playground
+
 Different pieces of code related to doing cybersecurity on Databricks
+
+
+* [iocs-ingest](iocs-ingest/) - source code for ingesting data from Filebeat's Threat Intel module.
diff --git a/iocs-ingest/IoCs Silver.py b/iocs-ingest/IoCs Silver.py
@@ -42,7 +42,6 @@
 
 # COMMAND ----------
 
-# TODO: instead of dropping duplicates, also add condition on the first/last seen
 def process_single_source(input_df: DataFrame, service: str, transform_func):
   checkpoint = f"{base_dir}/checkpoints/threatintel-silver-{service}/"
   transform_func(input_df).writeStream.format("delta") \
diff --git a/iocs-ingest/README.md b/iocs-ingest/README.md
@@ -0,0 +1 @@
+This folder contains Databricks notebooks with source code for the blog post [Ingesting indicators of compromise with Filebeat, Azure Event Hubs & Delta Lake on Databricks](https://alexott.blogspot.com/2022/10/ingesting-indicators-of-compromise-with.html).

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+This folder contains Databricks notebooks with source code for the blog post [Ingesting indicators of compromise with Filebeat, Azure Event Hubs & Delta Lake on Databricks](https://alexott.blogspot.com/2022/10/ingesting-indicators-of-compromise-with.html).`