Easier access to difficult features

[ianhelle]

We have a few features (e.g., IoC Extract) that are difficult to get to and use.
How can we make them easier to use/access? Along the same lines as Pivots and PD accessors.
In general, we want features to be accessible in a single step.
E.g. currently IoCExtract requires

from msticpy.transform.ioc_extract import IoCExtract
ioc_extr = IoCExtract()
ioc_extr.extract(some_data)

This is exaggerated slightly since you can already do ioc_extr = mp.IoCExtract() or df.mp.extract_iocs for DFs but is an example of what we'd like to avoid.

Candidates

• IoCExtract
• Base64
• TILookup (singleton, instantiate)
• Others?

Things to do:

• avoid having to create classes
• avoid importing from obscure locations

Mechanisms

1. Make these dynamic properties of msticpy (mp.do_something())

• should instantiate/initialize anything needed
• expose a simple function (which may have a bunch of optional params)

2. Direct people to existing "easy" implementations

• make sure documentation uses the "best" slick way of doing things
• maybe have tips where functionality is available (can turn off warnings in config)
  • is it going too far to have deprecation warnings on these?

3. Need to be sure that these easy access mechanisms don't make life difficult for people using msticpy programmatically.

4. Want to avoid big perf hit when importing msticpy