checklist.day

EQL (Event Query Language) Python Library

JSON →
library 1.0.0 ·python
verified May 26, 2026
dataserialization

EQL (Event Query Language) is a high-level query language from Microsoft for expressing relationships between events, primarily used in security analytics and threat hunting contexts. The Python library provides tools to parse, validate, and transform EQL queries into an Abstract Syntax Tree (AST). The current stable version is 1.0.0, with releases typically tied to feature enhancements or bug fixes, maintaining a stable API.

Traffic · last 30 days ↑100% vs prev 7d · indexed Fri Apr 17 · updated Mon Jun 01

total hits 16
actors 7 distinct systems
last hit 3d ago ChatGPT-User
MetaBot
4
GPTBot
2
Script
2
ChatGPT-User
1
Search engines
1
Humans
1

top countries 🇺🇸 United States · 🇫🇷 France · 🇨🇦 Canada · 🇸🇬 Singapore · 🇩🇪 Germany

Resources

packagepypi.org/project/eql/ ↗
homepageeql.readthedocs.io ↗

API endpoints

full doc /v1/registry/eql
install /v1/registry/eql/install
compatibility /v1/registry/eql/compatibility