Blauhaunt
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A community-led project focused on the documentation, standardization, and modeling of security event logs. Goals include defining and sharing a common data model, data structures, and relationships in security event logs, as well as providing detailed information in a dictionary format about various security event logs.
GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
HoneyView is a tool for analyzing honeyd logfiles graphically and textually.
Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics.