EventIDex - Windows Event Log Lookup

🔍 What is EventIDex?

EventIDex is a comprehensive Windows Event Log analysis platform designed for SOC analysts, threat hunters, and incident responders. Search through 83+ critical security events with detailed triage guidance and production-ready detection queries.

⚡ Key Features

Advanced Search - Find events by ID, title, MITRE techniques, or triage tips
Detailed Analysis - Complete triage workflows with false positive guidance
Ready-to-Use Queries - Production-tested KQL and Elasticsearch queries
MITRE ATT&CK Mapping - Full coverage of attack techniques
Threat Hunting Templates - Pre-built scenarios for common attack patterns
Offline-First - Works in air-gapped environments with no external dependencies

🚀 Quick Start

1. Search Events

Type an Event ID (like "4625") or search term in the search box above

2. Select & Analyze

Click an event to view detailed triage tips and detection queries

3. Copy Queries

Use keyboard shortcuts (K for KQL, E for Elastic) to copy queries

4. Explore Features

Try the Dashboard (📊) and Hunting templates (🎯) for advanced analysis

⌨️ Keyboard Shortcuts

/ Focus search

↑↓ Navigate results

K Copy KQL query

E Copy Elastic query

D Open Dashboard

H Open Hunt templates

X Export results

Esc Clear/Close

🎯 Pro Tips

Use filters (Source, Channel, Severity) to narrow down results
Click on related Event IDs to build attack chains
Export filtered results to Markdown for incident documentation
Use hunting templates to search for specific attack patterns
EventIDex works offline - perfect for air-gapped environments

Select an Event ID

🔍 Security Analytics Dashboard

📊 Event Statistics

⚔️ MITRE ATT&CK Kill Chain

🚨 Severity Distribution

⚡ Quick Hunt

🎯 Threat Hunting Templates

🔄 Lateral Movement Hunt

RDP Brute Force Detection

🔒 Persistence Hunt

Service Installation & Account Creation

🛡️ Defense Evasion Hunt

Log Clearing & Process Injection

🔑 Credential Access Hunt

Kerberoasting & Password Attacks

💡 Welcome to EventIDex