userline

Log analyzer

Automates analysis of Windows Security Events to identify user logon relations

Query and report user logons relations from MS Windows Security Events

GitHub

240 stars
28 watching
32 forks
Language: Python
last commit: over 6 years ago
blackhatcsvdfirdockerdockerfileelasticsearchevtx-analisysforensicsgephigraphloginlogon-relationsneo4jplasopythonwindows-eventlog

Related projects:

Repository Description Stars
nshalabi/sysmontools Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. 1,488
reed1713/elat A toolset for analyzing Windows event logs to detect and analyze malware 29
airbus-cert/timeliner A tool for filtering and analyzing Windows event logs based on complex time-based conditions 36
yamato-security/wela Analyzes Windows Event Logs to identify security-related events and provides forensic tools for incident response. 763
jpcertcc/sysmonsearch Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. 417
cgosec/blauhaunt A tool collection for analyzing and visualizing logon events to help answer security-related questions 161
wagga40/zircolite A standalone tool for analyzing and detecting security-related events in various Linux logs using SIGMA rules 680
sans-blue-team/deepbluecli A PowerShell module for analyzing Windows event logs to detect and respond to potential security threats. 2,190
dogoncouch/logesp A security-focused application built with Python Django to manage and analyze log data from various sources. 197
illusivenetworks-labs/historicprocesstree Analyzes Windows event log data to visualize historic process execution evidence in a tree view. 59
jmscslgroup/strym A real-time CAN data logging and visualization tool that interfaces with USB-CAN Interface using Python 27
carina-studio/ulogviewer A tool for analyzing and visualizing log data from various sources 409
securityjoes/forensicminer Automates evidence collection and analysis from Windows machines using PowerShell. 148
dogoncouch/logdissect Analyzes log files and other data from various sources and formats. 148
williballenthin/python-evtx A Python module for parsing Windows Event Log files (.evtx) into structured data 732