{"library":"eql","type":"library","category":null,"description":"EQL (Event Query Language) is a high-level query language from Microsoft for expressing relationships between events, primarily used in security analytics and threat hunting contexts. The Python library provides tools to parse, validate, and transform EQL queries into an Abstract Syntax Tree (AST). The current stable version is 1.0.0; releases are typically tied to feature enhancements or bug fixes and maintain a stable API.","language":"python","status":"active","version":"1.0.0","tags":["security","threat-hunting","query-language","parser","ast","microsoft"],"last_verified":"Tue May 26","install":[{"cmd":"pip install eql","imports":["import eql\nparsed_query = eql.parse(\"your query\")","import eql\nquery_obj = eql.parse(\"...\") # eql.Query object is returned"]}],"homepage":"https://eql.readthedocs.io","github":null,"docs":null,"changelog":null,"pypi":"https://pypi.org/project/eql/","npm":null,"openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"3.10–3.9","success_rate":100,"avg_install_s":1.7,"avg_import_s":0.82,"wheel_type":"wheel"},"url":"https://checklist.day/v1/registry/eql/compatibility"}}