Library to run high performance operations in DetectMate. It combines C++ functionality with Polars DataFrames.
CMake allows to build the C++ code:
sudo apt-get install cmakeIntall python dependencies:
pip install uv
uv sync
prek installCompile the code, make sure that all unit tests are green:
sh compile.shTo run the C++ and Python unit tests:
pytestuv pip install --no-cache-dir <directory_detectmateperformance>import detectmateperformance as matep
dataset = {
"name": "AIT - Audit",
"path_temp": "data/audit_templates.txt",
"path_logs": "data/audit.log",
"regex": r"type=(?P<Type>\w+) msg=audit\((?P<Time>[^:]+):(?P<Serial>\d+)\): (?P<Content>.*)"
}
results = matep.metrics.evaluate(
logs=dataset["path_logs"],
ground_templates=dataset["path_temp"],
templates=dataset["path_temp"],
regex=dataset["regex"]
)
print(results) # {'PA': 1.0, 'NED': 1.0, 'TS': 1.0, 'GA': 1.0, 'FR': 1.0}