Sunday, March 1, 2020

Event Query Language (EQL)

The Event Query Language (EQL) is a standardized query language (similar to SQL) to evaluate Windows events.

https://pen-testing.sans.org/blog/2019/12/10/eql-threat-hunting

https://github.com/endgameinc/eqllib


Posted by at
Labels:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)