Introducing rust-kql
In the depths of my hard drive, I recently stumbled upon an interesting project I had started working on a year ago, but which never really took off at the time. After working with various SIEM tools for several years, I had become a big fan of Microsoft Sentinel. The fact that it was cloud-based and from Microsoft was less appealing (yes, I am still an open-source and Linux fan), but working with KQL was a breath of fresh air compared to the regex hell and GUI systems of other SIEMs. But what if I (hypothetically) wanted to run KQL on local data using open-source tools? Just some random thoughts, but they were enough to get me started. So I began with what you start with for any language implementation: writing a parser. ...
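To make the parser step concrete, here is an added illustration (not rust-kql's own code) of what the smallest useful KQL parser looks like in Rust: it turns a pipeline of the form `Table | where Col == literal | take N` into an AST, rejecting stages it does not understand. The `where` operator, `==` comparison and `take` are real KQL; the type names and the restriction to a single equality predicate are assumptions made here for brevity.

```rust
// Added example: minimal KQL pipeline parser (hypothetical, not rust-kql's implementation).
// Supports `Table | where Col == <int|"string"> | take N`; anything else is an error.
#[derive(Debug, PartialEq, Clone)]
pub enum Value {
    Int(i64),
    Str(String),
}

#[derive(Debug, PartialEq)]
pub enum Op {
    // Only the `==` comparison is modelled here; real KQL has many more operators.
    Where { column: String, value: Value },
    Take(usize),
}

#[derive(Debug, PartialEq)]
pub struct Query {
    pub table: String,
    pub ops: Vec<Op>,
}

// Parse a literal: a double-quoted string (no embedded spaces in this toy) or an integer.
fn parse_value(tok: &str) -> Result<Value, String> {
    if let Some(inner) = tok.strip_prefix('"').and_then(|s| s.strip_suffix('"')) {
        Ok(Value::Str(inner.to_string()))
    } else {
        tok.parse::<i64>().map(Value::Int).map_err(|_| format!("bad literal: {}", tok))
    }
}

// Split on the KQL pipe `|`; the first stage names the table, each later stage is an operator.
pub fn parse_query(src: &str) -> Result<Query, String> {
    let mut stages = src.split('|').map(str::trim);
    let table = stages.next().filter(|t| !t.is_empty()).ok_or("missing table")?.to_string();
    let mut ops = Vec::new();
    for stage in stages {
        let toks: Vec<&str> = stage.split_whitespace().collect();
        match toks.as_slice() {
            ["where", col, "==", lit] => ops.push(Op::Where { column: col.to_string(), value: parse_value(lit)? }),
            ["take", n] => ops.push(Op::Take(n.parse().map_err(|_| format!("bad count: {}", n))?)),
            _ => return Err(format!("unsupported stage: {}", stage)),
        }
    }
    Ok(Query { table, ops })
}

fn main() {
    // Constructed sample query: Windows failed-logon events, first 10 rows.
    let q = parse_query("SecurityEvent | where EventID == 4625 | take 10").unwrap();
    println!("{:?}", q);
}
```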