ESEV enables you to visually explore Endpoint Security events. Youll be able to filter, search and inspect Endpoint Security events and see whats happening on your computer. Are you a developer who needs extra details for troubleshooting? Are you a malware analyst and would like to see what happens when a program executes? Are you a system administrator that is trying to understand why a script isnt working?
ESEV provides users visibility into whats occurring on their computers. ESEV uses the output of a Apple macOS program called eslogger. This simplifies investigation and troubleshooting allowing users to quickly explore and pinpoint activities on their computers. ESEV include the ability to highlight noteworthy events using annotations. Annotations help users to visually see what events were executed by privileged users or impact a privileged location on the computer.
Give ESEV a try, itll help you understand program behavior and macOS internals. Great for malware analysis and IOC Creation.
Filter by:
- Event Type
- Program
- Annotations
- Apple platform binary
Search for:
- PID
- Program name
- Event Details
- Annotations
Analyze
- PID chaining (filter by parent and child process events)
- Time warp (filter events by slice of time before and after event)
