Take advantage of Apache Spot's tools to perform further analysis over the suspicious activity detected by our machine learning algorithm


Study suspicious network activity by looking at a list of security threats detected by Apache Spot's machine learning algorithm.

Have a nice view of your network, understand how devices interact with each other and easily spot threats while exploring a visual representation of suspicious activity.

The following feature is powered by IPython notebooks which allows the users to switch back and forth from the 'easy mode' to the 'expert mode', where they can view and edit the code behind this panel via the web browser.

In the 'Notebook' panel, the form displayed is where the user can assign the level of risk for each connection and use that as feedback to train the Machine Learning model in future executions. Switching to the 'expert' mode, the user can adjust the criteria to filter the data, discarding results known to be non relevant to the analysis.

As your investigation moves forward, get detailed information about a threat whenever you want to dig into an especific threat.

Threat Investigation

The threat investigation panel represents the last step of analysis before displaying the storyboard. At this point, the security analysts can enter a custom review for a given threat to display.


Ready to present your findings? Go over your high risk security threats and request further information, making it easy for executives to undestand what is going on. Here is a list of some of the information you will get when your analyses comes to the end.

  • Incident Progression
  • Impact Analysis
  • Geographic location
  • Incident Timeline

Ingest Summary

Wondering about how much data have been ingested on your cluster? We provide a nice visualization which allows you to get this information.

The "scoring panel" as well as the "Threat investigation panel" are powered by Jupyter notebooks, (click here to learn more).

More Info

Apache Incubator

Apache Spot is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the Apache Incubator. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.

The contents of this website are © 2020 Apache Software Foundation under the terms of the Apache License v2. Apache Spot and its logo are trademarks of the Apache Software Foundation.