Zircolite
Category: Files and apps / Log
Source: GitHub Release
Profiles: Full, Basic
File Extensions: .evtx, .json
Tags: log-analysis, sigma, detection, incident-response
Zircolite is a standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML, or JSONL/NDJSON logs.