From asi
Builds network traffic baselines from NetFlow/IPFIX CSV/JSON data using Python pandas for statistical analysis, z-score/IQR anomaly detection, and hourly/daily profiling for SOC analysts.
npx claudepluginhub plurigrid/asi --plugin asi
This skill uses the workspace's default tool permissions.
Builds network traffic baselines from NetFlow/IPFIX data using Python pandas for statistical analysis, z-score anomaly detection, and hourly/daily profiling.
Builds network traffic baselines from NetFlow/IPFIX CSV/JSON data using Python pandas for statistical analysis, Z-Score/IQR anomaly detection, and hourly/daily patterns. Useful for SOC network monitoring.
Parses NetFlow v9 and IPFIX records using Python netflow library to decode flows, build baselines, and detect anomalies like port scanning, data exfiltration, volumetric spikes, and C2 beaconing.
Network traffic baselining establishes normal communication patterns by analyzing historical NetFlow/IPFIX data to create statistical profiles of expected behavior. This skill uses Python pandas to compute hourly and daily traffic distributions, per-host byte/packet counts, protocol ratios, and top-N talker profiles. Anomalies are detected using z-score thresholds and IQR (interquartile range) outlier methods, enabling SOC analysts to identify deviations such as data exfiltration spikes, beaconing patterns, and unusual port usage.
JSON report containing traffic baselines (hourly/daily profiles), per-host statistics, detected anomalies with z-scores, and top talker rankings with deviation indicators.
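The hour-of-day baselining and z-score/IQR checks described above, as an added example that is not the skill's own code. It uses only the Python standard library in place of pandas; the column names (ts, src_ip, bytes), the training cut-off and the sample flows are constructed assumptions.

```python
import csv, io, statistics
from collections import defaultdict
from datetime import date, datetime

TRAIN_UNTIL = date(2024, 1, 8)  # days before this form the baseline (assumed split)

def sample_csv():
    """Constructed flow export; column names ts/src_ip/bytes are assumptions."""
    rows = ["ts,src_ip,bytes"]
    for day in range(1, 8):  # seven quiet nights, about 1 MB each at 02:00
        rows.append(f"2024-01-{day:02d}T02:10:00,10.0.0.5,{1_000_000 + day * 10_000}")
    rows.append("2024-01-08T02:10:00,10.0.0.5,60000000")  # constructed spike
    rows.append("2024-01-09T02:10:00,10.0.0.5,1040000")   # back to normal
    return "\n".join(rows)

def hourly_totals(csv_text):
    """Sum bytes per (host, calendar day, hour) bucket."""
    totals = defaultdict(int)
    for row in csv.DictReader(io.StringIO(csv_text)):
        ts = datetime.fromisoformat(row["ts"])
        totals[(row["src_ip"], ts.date(), ts.hour)] += int(row["bytes"])
    return totals

def build_baseline(totals, train_until=TRAIN_UNTIL, min_samples=4):
    """Per (host, hour-of-day) mean, stdev and IQR fences from the training days."""
    samples = defaultdict(list)
    for (host, day, hour), nbytes in totals.items():
        if day < train_until:
            samples[(host, hour)].append(nbytes)
    baseline = {}
    for key, vals in samples.items():
        if len(vals) < min_samples:  # too few points for a stable profile
            continue
        q1, _, q3 = statistics.quantiles(vals, n=4)
        fence = 1.5 * (q3 - q1)
        baseline[key] = {"mean": statistics.fmean(vals), "std": statistics.stdev(vals),
                         "lo": q1 - fence, "hi": q3 + fence}
    return baseline

def detect(totals, baseline, train_until=TRAIN_UNTIL, z_threshold=3.0):
    """Score post-training buckets against the profile for the same host and hour."""
    anomalies = []
    for (host, day, hour), nbytes in sorted(totals.items()):
        prof = baseline.get((host, hour))
        if day < train_until or prof is None:
            continue
        # A flat training series has std 0; leave z at 0 and let the IQR fences decide.
        z = (nbytes - prof["mean"]) / prof["std"] if prof["std"] else 0.0
        iqr_out = not (prof["lo"] <= nbytes <= prof["hi"])
        if abs(z) >= z_threshold or iqr_out:
            anomalies.append({"host": host, "date": day.isoformat(), "hour": hour,
                              "bytes": nbytes, "z_score": round(z, 2), "iqr_outlier": iqr_out})
    return anomalies
```

Keeping the training window separate from the scored window matters: if the spike were included in the baseline it would inflate the standard deviation and lower its own z-score.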