Python[Container]Training DataSet[Container]Phishing.url.data[parser data] merge the phishing.url.datafrom zeekPhishing.url.result[match indicates] get phishing-url-result.jsonby python scriptdone.phishing.result[vast export json'done.phishing.url.result.result== 0'] get the result by themachine-learning modeltrue/false.phishing.result[vast export jsontrue/false.phishing.url.result.result== 0'] After analyzing done.result,pick the result to true/falsetypeTraining model[get model] Through machine learningalgorithms, we can generaterelevant phishing indicatesmodels throughtrue.phishing.result datasetNew Phishing model[extended result.dataSet] identify suspicious,anomalous or misjudgmentdataMachine Learning[Traning Phishing Model] phishing-url-resutl.json ->probe,true/false.phishing-url-result.json-> new phishing-modelVast[Query URL] Query EngineGo Spider Application[extracting relevant info] phishing-features.json ->indicates.field1: generate model[pick algorithm]2: vast import -tphishing.url.datajson[importphishing.url.data]3: Phishing rules ->[0 1 -1]4: result -> np.array5: Schdule a newtraining job6: Phishing Forensicsby the engineers7: message model[optimize algorithm]8: vast import -tphishing.url.result[Feed training DataSet]9: vast export -n 1arrow'true.phishing.url.result[Get training dataSet]10: vast exportphishing.url.result[spider/zeek]Legend personsystemcontainercomponentexternal personexternal systemexternal containerexternal component