SigQL
SigQL is a query language designed for analyzing security telemetry and logs. It aims to provide a more intuitive and powerful way to explore security data than traditional methods such as SQL or regular expressions. Developed by the security community, SigQL focuses on ease of use and expressiveness for security professionals.
The language is structured to represent security events and entities in a natural way. It allows users
Key features of SigQL include its ability to handle complex relationships between events, filter data based
SigQL's syntax is designed to be human-readable, making it accessible to security analysts with varying levels