Event Query Language (EQL) | CyberSecTools

Event Query Language (EQL)

0 (0)

Browse a library of EQL analytics now natively integrated in Elasticsearch since Endgame joined forces with Elastic. EQL in Elasticsearch accommodates non-security users with changes summarized in the Elasticsearch EQL documentation. Get started by installing the EQL module with Python 2.7 and 3.5+, then try a sample json file and test it with EQL commands.

SIEM and Log Management

Free

elasticsearch security-analytics log-analysis security-information-and-event-management

ALTERNATIVES

AWS CloudTrail

0 (0)

Track user activity and API usage on AWS and in hybrid and multicloud environments.

SIEM and Log Management

Free

aws cloud-security cloudtrail cloudwatch compliance security-audit logging

Cowralyze

0 (0)

A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.

SIEM and Log Management

Free

command-line-tool log-analysis visualization cowrie statistics

Log-Killer

0 (0)

Tool for deleting logs on Linux/Windows servers.

SIEM and Log Management

Free

linux windows security-tool

Logdissect

0 (0)

Logdissect is a CLI utility and Python library for analyzing log files and other data.

SIEM and Log Management

Free

log-analysis python-library log-parsing cli-tool

HoneyView

0 (0)

HoneyView is a tool for analyzing honeyd logfiles graphically and textually.

SIEM and Log Management

Free

php shell-script database

WELA (Windows Event Log Analyzer)

0 (0)

Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.

SIEM and Log Management

Free

forensics windows incident-response event-log