
Event Query Language (EQL)

Free

Event Query Language (EQL) is a query language for matching and correlating events (for example endpoint process, file and network events) for threat hunting and detection. Since Endgame joined forces with Elastic, EQL has been natively integrated into Elasticsearch, and a library of EQL analytics is available to browse. The Elasticsearch implementation was adapted for a broader, non-security audience; the resulting differences from the original language are summarized in the Elasticsearch EQL documentation. The original Python implementation runs on Python 2.7 and 3.5+: install the eql module, load a sample JSON file of events, and run queries against it from the command line or the Python API.
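To show what the "sample JSON file plus EQL queries" workflow looks like, here is an added example written for this page; it is not code from the eql project and not the library's engine. It tokenizes and parses a small subset of EQL (`<event_type> where <condition>` with `==`, `!=`, `and`/`or`/`not`, parentheses and case-insensitive wildcard strings, plus a simplified `sequence by` join) and runs it over constructed sample events. `SAMPLE_EVENTS_JSON`, `EVENTS`, `Parser`, `search` and `sequence` are this example's own names; the real language has much more (pipes, `in`, numeric comparisons, `until`, `maxspan`) and its sequence semantics are richer than the one-in-flight-per-key simplification used here.

```python
# Minimal EQL-style matcher over JSON events, added as an illustration (not the eql
# package): `<type> where <cond>` with ==, !=, and/or/not, parentheses, wildcards, `sequence by`.
import fnmatch
import json
import re

# Constructed sample events in the flat shape eql's example JSON uses.
SAMPLE_EVENTS_JSON = """[
 {"event_type": "process", "pid": 200, "ppid": 100, "process_name": "cmd.exe", "command_line": "cmd.exe /c whoami", "timestamp": 2},
 {"event_type": "network", "pid": 200, "destination_address": "10.0.0.5", "destination_port": 445, "timestamp": 3},
 {"event_type": "process", "pid": 300, "ppid": 100, "process_name": "powershell.exe", "command_line": "powershell -enc AAAA", "timestamp": 4},
 {"event_type": "file", "pid": 300, "file_path": "C:\\\\Users\\\\victim\\\\evil.exe", "timestamp": 5},
 {"event_type": "process", "pid": 400, "ppid": 100, "process_name": "cmd.exe", "command_line": "cmd.exe /c dir", "timestamp": 6}
]"""
EVENTS = json.loads(SAMPLE_EVENTS_JSON)

# Group 1 is a legal token; group 2 catches any other non-space character.
TOKEN_RE = re.compile(r'\s*(?:(\(|\)|==|!=|"[^"]*"|\d+|[A-Za-z_][\w.]*)|(\S))')

def tokenize(text):
    """Split a query into tokens; a character outside the grammar is an error."""
    tokens = []
    for m in TOKEN_RE.finditer(text):
        if m.group(2):
            raise ValueError("unexpected %r at offset %d" % (m.group(2), m.start(2)))
        tokens.append(m.group(1))
    return tokens

def _comparison(field, op, raw):
    """`field == value`: quoted values are case-insensitive globs (* and ?), bare ones ints."""
    if raw.startswith('"'):
        pattern = raw[1:-1].lower()
        equals = lambda ev: isinstance(ev.get(field), str) and fnmatch.fnmatchcase(ev[field].lower(), pattern)
    else:
        number = int(raw)
        equals = lambda ev: ev.get(field) == number
    return equals if op == "==" else (lambda ev: not equals(ev))

class Parser:
    """Recursive descent: query := type 'where' expr; expr := term ('or' term)*; term := factor
    ('and' factor)*; factor := 'not' factor | '(' expr ')' | field op value. Returns predicates."""
    def __init__(self, tokens):
        self.toks, self.i = tokens, 0
    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else None
    def take(self, expected=None):
        tok = self.peek()
        if tok is None or (expected is not None and tok != expected):
            raise ValueError("expected %r, got %r" % (expected or "a token", tok))
        self.i += 1
        return tok
    def query(self):
        event_type, _ = self.take(), self.take("where")
        cond = self.expr()
        if self.peek() is not None:
            raise ValueError("trailing tokens: %r" % self.toks[self.i:])
        return lambda ev: (event_type == "any" or ev.get("event_type") == event_type) and cond(ev)
    def expr(self):
        left = self.term()
        while self.peek() == "or":
            self.take()
            left = (lambda l, r: lambda ev: l(ev) or r(ev))(left, self.term())
        return left
    def term(self):
        left = self.factor()
        while self.peek() == "and":
            self.take()
            left = (lambda l, r: lambda ev: l(ev) and r(ev))(left, self.factor())
        return left
    def factor(self):
        if self.peek() == "not":
            self.take()
            return (lambda p: lambda ev: not p(ev))(self.factor())
        if self.peek() == "(":
            self.take()
            inner = self.expr()
            self.take(")")
            return inner
        field, op, value = self.take(), self.take(), self.take()
        if op not in ("==", "!="):
            raise ValueError("unsupported operator %r" % op)
        return _comparison(field, op, value)

def search(query, events):
    """Events matching one EQL-style query, in input order."""
    pred = Parser(tokenize(query)).query()
    return [ev for ev in events if pred(ev)]

def sequence(events, join_field, *stages):
    """Simplified `sequence by <join_field>`: stages must match in timestamp order on events
    sharing the join value; one in-flight sequence per value, each match returned as a tuple."""
    preds = [Parser(tokenize(q)).query() for q in stages]
    pending, matched = {}, []
    for ev in sorted(events, key=lambda e: e.get("timestamp", 0)):
        key = ev.get(join_field)
        if key is None:
            continue
        progress = pending.get(key, []) + [ev]
        if not preds[len(progress) - 1](ev):
            continue
        if len(progress) == len(preds):
            matched.append(tuple(progress))
            pending.pop(key, None)
        else:
            pending[key] = progress
    return matched
```

The contrast worth noticing is between `search('process where process_name == "cmd.exe"', EVENTS)`, which returns both shells (pid 200 and 400), and `sequence(EVENTS, "pid", 'process where process_name == "cmd.exe"', 'network where destination_port == 445')`, which returns only the shell that went on to open an SMB connection: correlating across events joined on a key is the part of EQL that a flat filter cannot express.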

ALTERNATIVES

A centralized tool for security monitoring and analysis that integrates various open source big data technologies.

Free

Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.

Free

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

Free

A method for log volume reduction without losing analytical capability.

Free

Cybersecurity project for security monitoring of Node.js applications.

Free

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Free

A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.

Commercial

Python library and command line tools for log visualization with interactive plots.

Free
