Entropy measures the degree of randomness in a set of data. This process command calculates the entropy of a field using the Shannon entropy formula and displays the result in the field you provide. A higher entropy number denotes a data set with more randomness, which increases the probability that a system generated the values artificially and could point to malicious activity. Go to Entropy to learn how to use this command.
Release Date: January 2, 2023
Release Version: 5.0.0
Supported On: Logpoint v6.7.0 or later
Download: entropy_5.0.0.pak
SHA256: 1923796857c0e5f51acac7b74eeaf69a2fb48af39a1215eea22c37db25c68233
Documentation: Entropy guide
Installation
To install Entropy:
- Download the .pak file from the Download link above.
- Go to Settings >> System Settings from the navigation bar and click Applications.
- Click Import.
- Browse to the downloaded .pak file.
- Click Upload.
Usage Information
Syntax: | process entropy (field) as field_entropy
For example, the "| process entropy (device_address) as test" command calculates the entropy of the device_address field and displays it in test.
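The calculation the command describes can be sketched as follows. This is an added example, not Logpoint's code: it assumes entropy is computed per character over each field value, and the sample values and the 4.0 threshold are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample events; the device_address values are made up for illustration.
SAMPLE_EVENTS = [
    {"device_address": "mail.example.com"},
    {"device_address": "10.0.0.1"},
    {"device_address": "x7qk2vz9pl4m8wtb.example.net"},
    {"device_address": None},  # missing value
]


def shannon_entropy(value):
    """Shannon entropy in bits per character: H = sum(p * log2(1/p))."""
    if not value:
        return 0.0  # empty or missing field: nothing to measure
    total = len(value)
    return sum((n / total) * math.log2(total / n) for n in Counter(value).values())


def add_entropy(events, field, out_field):
    """Approximate `| process entropy (field) as out_field` over event dicts."""
    enriched = []
    for event in events:
        raw = event.get(field)
        score = shannon_entropy("" if raw is None else str(raw))
        enriched.append({**event, out_field: round(score, 3)})
    return enriched


def flag_high_entropy(events, out_field, threshold):
    """Return events scoring at or above threshold, highest first."""
    hits = [e for e in events if e[out_field] >= threshold]
    return sorted(hits, key=lambda e: e[out_field], reverse=True)


if __name__ == "__main__":
    scored = add_entropy(SAMPLE_EVENTS, "device_address", "test")
    for event in scored:
        print(f"{event['test']:6.3f}  {event['device_address']}")
    # Threshold 4.0 is an assumption for this sample, not a Logpoint default.
    print("flagged:", flag_high_entropy(scored, "test", 4.0))
```

A value of n characters can score at most log2(n) bits, so short values stay low however random they are. Compare scores across values of similar length, or tune the threshold per field.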
Support
If you have any questions or require assistance, create a support ticket here.