msticpy is a Python library designed for information security investigation and threat hunting activities within Jupyter Notebooks. The library provides comprehensive functionality for security analysts and researchers working with log data and threat intelligence. The tool enables users to query log data from multiple sources, allowing for centralized data collection and analysis. It includes built-in capabilities to enrich collected data with threat intelligence feeds, geolocation information, and Azure resource metadata to provide additional context for investigations. msticpy offers analytical capabilities including the extraction of Indicators of Activity (IoA) from log files and the ability to unpack encoded data. The library supports advanced analysis techniques such as anomalous session detection and time series decomposition for identifying suspicious patterns and behaviors. The visualization component provides interactive tools including timelines, process trees, and multi-dimensional Morph Charts to help analysts understand complex data relationships and attack patterns. These visual representations assist in presenting findings and conducting thorough investigations. The library includes practical notebook utilities such as widgets for setting query time boundaries, selecting and displaying items from lists, and configuring the notebook environment. These tools are designed to streamline the investigation workflow and reduce manual configuration tasks. Originally developed to support Jupyter Notebook authoring for Azure Sentinel, msticpy has been extended to integrate with additional log data sources, making it suitable for various security operations environments and investigation scenarios.