Event Query Language (EQL)

A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.

Explore the EQL Analytics Library Integrated with Elasticsearch

Explore a library of EQL analytics that is now natively integrated into Elasticsearch, following Endgame's collaboration with Elastic. The EQL feature in Elasticsearch is designed to support non-security users as well; its updates are detailed in the Elasticsearch EQL documentation. To get started, install the EQL module under Python 2.7 or Python 3.5 and above. After installation, you can load a sample JSON file and run EQL queries against it.