Fix incorrect ref to ip_utils module in docs

.pre-commit-config.yaml

@@ -13,7 +13,7 @@ repos:
       - id: black
         language: python
   - repo: https://github.com/PyCQA/pylint
-    rev: v2.16.1
+    rev: v3.2.2
     hooks:
       - id: pylint
         args:

docs/source/api/msticpy.context.tiproviders.ip_quality_score.rst

@@ -0,0 +1,7 @@
+msticpy.context.tiproviders.ip\_quality\_score module
+=====================================================
+
+.. automodule:: msticpy.context.tiproviders.ip_quality_score
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/source/api/msticpy.context.tiproviders.rst

@@ -19,6 +19,7 @@ Submodules
    msticpy.context.tiproviders.greynoise
    msticpy.context.tiproviders.ibm_xforce
    msticpy.context.tiproviders.intsights
+   msticpy.context.tiproviders.ip_quality_score
    msticpy.context.tiproviders.kql_base
    msticpy.context.tiproviders.mblookup
    msticpy.context.tiproviders.open_page_rank

docs/source/api/msticpy.datamodel.entities.mailbox_configuration.rst

@@ -0,0 +1,7 @@
+msticpy.datamodel.entities.mailbox\_configuration module
+========================================================
+
+.. automodule:: msticpy.datamodel.entities.mailbox_configuration
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/source/api/msticpy.datamodel.entities.oauth_application.rst

@@ -0,0 +1,7 @@
+msticpy.datamodel.entities.oauth\_application module
+====================================================
+
+.. automodule:: msticpy.datamodel.entities.oauth_application
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/source/api/msticpy.datamodel.entities.rst

@@ -32,12 +32,15 @@ Submodules
    msticpy.datamodel.entities.mail_cluster
    msticpy.datamodel.entities.mail_message
    msticpy.datamodel.entities.mailbox
+   msticpy.datamodel.entities.mailbox_configuration
    msticpy.datamodel.entities.malware
    msticpy.datamodel.entities.network_connection
+   msticpy.datamodel.entities.oauth_application
    msticpy.datamodel.entities.process
    msticpy.datamodel.entities.registry_key
    msticpy.datamodel.entities.registry_value
    msticpy.datamodel.entities.security_group
+   msticpy.datamodel.entities.service_principal
    msticpy.datamodel.entities.submission_mail
    msticpy.datamodel.entities.threat_intelligence
    msticpy.datamodel.entities.unknown_entity

docs/source/api/msticpy.datamodel.entities.service_principal.rst

@@ -0,0 +1,7 @@
+msticpy.datamodel.entities.service\_principal module
+====================================================
+
+.. automodule:: msticpy.datamodel.entities.service_principal
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/source/api/msticpy.lazy_importer.rst

@@ -0,0 +1,7 @@
+msticpy.lazy\_importer module
+=============================
+
+.. automodule:: msticpy.lazy_importer
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/source/api/msticpy.rst

@@ -24,3 +24,11 @@ Subpackages
    msticpy.nbwidgets
    msticpy.transform
    msticpy.vis
+
+Submodules
+----------
+
+.. toctree::
+   :maxdepth: 4
+
+   msticpy.lazy_importer

docs/source/data_acquisition/IPWhois.rst

@@ -7,18 +7,18 @@ Lookups are possible against IPs and ASNs (Autonomous System Number).
 IP Lookups
 ----------
 
-Whois lookups can be performed against a single IP address or a as a bulk lookup against a list or
+Whois lookups can be performed against a single IP address or as a bulk lookup against a list or
 DataFrame column.
 
 WhoIs Lookup of single IP Address
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-The ``ip_whois`` function looks an single IP Address and returns a results
+The :py:func:`ip_whois<msticpy.context.ip_utils.ip_whois>` function looks up an single IP Address and returns a results
 as a Python dictionary.
 
 .. code:: ipython3
 
-    >>> from msticpy.iptools import ip_whois
+    >>> from msticpy.context.ip_utils import ip_whois
     >>> ip_whois("65.55.44.109")
 
 .. parsed-literal::
@@ -76,11 +76,11 @@ ASN Lookup by IP
 ^^^^^^^^^^^^^^^^
 
 It is also possible to lookup details of the ASN that an IP address belongs to.
-This is done with the `get_asn_from_ip` function.
+This is done with the :py:func:`get_asn_from_ip<msticpy.context.ip_utils.get_asn_from_ip>` function.
 
 .. code:: ipython3
 
-    >>> from msticpy.iptools import get_asn_from_ip
+    >>> from msticpy.context.ip_utils import get_asn_from_ip
     >>> get_asn_from_ip("65.55.44.109")
 
 .. parsed-literal::
@@ -93,7 +93,7 @@ This is done with the `get_asn_from_ip` function.
     'Allocated': '2001-02-14',
     'AS Name': 'MICROSOFT-CORP-MSN-AS-BLOCK, US'}
 
-The same function is also accessible via the ``IpAddress.whois_as`` pivot function:
+The same function is also accessible via the ``IpAddress.whois_asn`` pivot function:
 
 .. code:: ipython3
 
@@ -108,12 +108,13 @@ ASN Lookup by Number or Name
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 You can get details of a specific to look up against an ASN.
-`get_asn_details` can be used to get details based on an ASN, along with details of the IP ranges
+:py:func:`get_asn_details<msticpy.context.ip_utils.get_asn_details>` can
+be used to get details based on an ASN, along with details of the IP ranges
 belonging to that ASN.
 
 .. code:: ipython3
 
-    >>> from msticpy.iptools import get_asn_details
+    >>> from msticpy.context.ip_utils import get_asn_details
     >>> get_asn_details("AS3598")
 
 .. parsed-literal::
@@ -132,7 +133,8 @@ belonging to that ASN.
     ...
 
 It is also possible to search ASNs based on the AS Name. For example, you can search for "Microsoft"
-to see a list of all ASNs that are associated with Microsoft with `get_asns_from_name`.
+to see a list of all ASNs that are associated with Microsoft with
+:py:func:`get_asns_from_name<msticpy.context.ip_utils.get_asns_from_name>`.
 
 .. code:: ipython3
 

docs/source/data_acquisition/SplunkProvider.rst

@@ -61,14 +61,14 @@ to a Key Vault secret using the MSTICPy configuration editor.
 
 Required connection parameters:
 
-===========  ===========================================================================================================================
-Parameter    Description
-===========  ===========================================================================================================================
-host         (string) The host name (the default is 'localhost').
-username     (string) The Splunk account username, which is used to authenticate the Splunk instance.
-password     (string) The password for the Splunk account.
+============  ===========================================================================================================================
+Parameter     Description
+============  ===========================================================================================================================
+host          (string) The host name (the default is 'localhost').
+username      (string) The Splunk account username, which is used to authenticate the Splunk instance.
+password      (string) The password for the Splunk account.
 bearer_token  (string) The Authorization Bearer Token <JWT> created in the Splunk.
-===========  ===========================================================================================================================
+============  ===========================================================================================================================
 
 The username and password are needed for user account authentication.
 On the other hand, bearer_token is needed for Token authentication.

msticpy/context/tiproviders/abuseipdb.py

@@ -62,11 +62,11 @@ def parse_results(self, response: Dict) -> Tuple[bool, ResultSeverity, Any]:
 
         score = data.get("abuseConfidenceScore", None)
 
-        if score == 0:
-            result_severity = ResultSeverity.information
-        elif score <= 50:
-            result_severity = ResultSeverity.warning
-        elif score > 50:
+        if score > 50:
             result_severity = ResultSeverity.high
+        elif score > 0:
+            result_severity = ResultSeverity.warning
+        else:
+            result_severity = ResultSeverity.information
 
         return (True, result_severity, result_dict)

msticpy/init/nbinit.py

@@ -330,7 +330,7 @@ def init_notebook(
 
     If you are having trouble with this, you should do the following:
     1. Run `init_notebook` again using the `verbosity=2` parameter
-       This will print out additional status and debugging information
+    This will print out additional status and debugging information
 
     2. Run mp.MpConfigEdit() to edit (or create) a msticpyconfig file.
 

msticpy/init/pivot.py

@@ -283,6 +283,8 @@ def timespan(self, value: Any):
             timespan = value
         elif value is not None:
             timespan = TimeSpan(value)
+        else:
+            return
         self._query_time.set_time(timespan)
 
     def set_timespan(self, value: Optional[Any] = None, **kwargs):

msticpy/init/pivot_init/vt_pivot.py

@@ -158,6 +158,7 @@ def _create_pivots(api_scope: Union[str, VTAPIScope, None]):
     else:
         scope = api_scope
     try:
+        # pylint: disable=possibly-used-before-assignment
         vt_client = VTLookupV3()
     except (ValueError, AttributeError):
         # Can't initialize VTLookup - don't add the pivot funcs