
Event Query Language (EQL)

Free

Browse a library of EQL analytics, now natively integrated into Elasticsearch since Endgame joined forces with Elastic. EQL in Elasticsearch also accommodates non-security users; the changes are summarized in the Elasticsearch EQL documentation. Get started by installing the EQL module (Python 2.7 and 3.5+ are supported), then try a sample JSON file and query it with EQL commands.

ALTERNATIVES

Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.

Free

Track user activity and API usage on AWS and in hybrid and multicloud environments.

Free

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

Commercial

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Free

A command-line map-reduce tool for analyzing Cowrie log files over time and creating visualizations and statistics.

Free

Search AWS CloudWatch logs on the command line with aws-sdk-for-go.

Free

A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.

Commercial

Tool for deleting logs on Linux/Windows servers.

Free