event logs AI Agent Skills

Browse 12 skills related to event logs

find-hypertable-candidates

1.6k
timescaletimescale

Use this skill to analyze an existing PostgreSQL database and identify which tables should be converted to Timescale/TimescaleDB hypertables. **Trigger when user asks to:** - Analyze database tables for hypertable conversion potential - Identify time-series or event tables in an existing schema - Evaluate if a table would benefit from Timescale/TimescaleDB - Audit PostgreSQL tables for migration to Timescale/TimescaleDB/TigerData - Score or rank tables for hypertable candidacy **Keywords:** hypertable candidate, table analysis, migration assessment, Timescale, TimescaleDB, time-series detection, insert-heavy tables, event logs, audit tables Provides SQL queries to analyze table statistics, index patterns, and query patterns. Includes scoring criteria (8+ points = good candidate) and pattern recognition for IoT, events, transactions, and sequential data.

132 days ago

incident-forensics

376
a5c-aia5c-ai

Digital forensics and incident response capabilities. Analyze memory dumps with Volatility, parse filesystem artifacts, extract browser forensics, analyze Windows event logs, create forensic timelines, recover deleted files, and generate forensic reports.

133 days ago

fsharp-persistence

14
heimeshoffheimeshoff

Implement data persistence using SQLite with Dapper, JSON file storage, or event sourcing patterns. Use when adding database tables, CRUD operations, file storage, or event logs. Creates code in src/Server/Persistence.fs with patterns for queries, transactions, relationships, and async I/O. Includes SQLite schema creation, parameterized queries, and proper connection management.

132 days ago

narya-proofs

7
plurigridplurigrid

Mechanically verified proofs from Narya event logs. Verifies queue consistency, replay determinism, non-leakage, and GF(3) conservation. Use for proving system invariants, audit trails, or formal verification of event-sourced systems.

132 days ago

performing-lateral-movement-detection

2
mukul975mukul975

Detects lateral movement techniques including Pass-the-Hash, PsExec, WMI execution, RDP pivoting, and SMB-based spreading using SIEM correlation of Windows event logs, network flow data, and endpoint telemetry mapped to MITRE ATT&CK Lateral Movement (TA0008) techniques.

soclateral-movementmitre-attack+6
132 days ago

detecting-golden-ticket-attacks-in-kerberos-logs

2
mukul975mukul975

Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT anomalies including mismatched encryption types, impossible ticket lifetimes, non-existent accounts, and forged PAC signatures in domain controller event logs.

threat-huntinggolden-ticketkerberos+3
132 days ago

analyzing-security-logs-with-splunk

2
mukul975mukul975

Leverages Splunk Enterprise Security and SPL (Search Processing Language) to investigate security incidents through log correlation, timeline reconstruction, and anomaly detection. Covers Windows event logs, firewall logs, proxy logs, and authentication data analysis. Activates for requests involving Splunk investigation, SPL queries, SIEM log analysis, security event correlation, or log-based incident investigation.

splunkSPLSIEM+2
132 days ago

performing-windows-artifact-analysis-with-eric-zimmerman-tools

2
mukul975mukul975

Perform comprehensive Windows forensic artifact analysis using Eric Zimmerman's open-source EZ Tools suite including KAPE, MFTECmd, PECmd, LECmd, JLECmd, and Timeline Explorer for parsing registry hives, prefetch files, event logs, and file system metadata.

eric-zimmermanez-toolskape+9
132 days ago

analyzing-usb-device-connection-history

2
mukul975mukul975

Investigate USB device connection history from Windows registry, event logs, and setupapi logs to track removable media usage and potential data exfiltration.

forensicsusb-forensicsremovable-media+3
132 days ago

analyzing-windows-event-logs-in-splunk

2
mukul975mukul975

Analyzes Windows Security, System, and Sysmon event logs in Splunk to detect authentication attacks, privilege escalation, persistence mechanisms, and lateral movement using SPL queries mapped to MITRE ATT&CK techniques. Use when SOC analysts need to investigate Windows-based threats, build detection queries, or perform forensic timeline analysis of Windows endpoints and domain controllers.

socsplunkwindows-events+4
132 days ago

extracting-windows-event-logs-artifacts

2
mukul975mukul975

Extract, parse, and analyze Windows Event Logs (EVTX) using Chainsaw, Hayabusa, and EvtxECmd to detect lateral movement, persistence, and privilege escalation.

forensicswindows-event-logsevtx+4
132 days ago

proxmox-ops

eddygkeddygk

Ops-focused Proxmox VE management via REST API — monitor, control, provision, and troubleshoot VMs and LXC containers with battle-tested operational patterns. Use when asked to: - List, start, stop, restart VMs or LXC containers - Check node status, cluster health, or resource usage - Create, clone, or delete VMs and containers - Manage snapshots, backups, storage, or templates - Resize disks (API + in-guest filesystem steps) - Query guest agent for IP addresses - View tasks or system event logs Includes helper script (pve.sh) with auto node discovery from VMID, operational safety gates (read-only vs reversible vs destructive), vmstate snapshot warnings, post-resize guest filesystem steps, and a separate provisioning reference. Requires: curl, jq. Writes: ~/.proxmox-credentials (API token, mode 600). Network: connects to user-configured Proxmox host only (HTTPS, TLS verification disabled for self-signed certs). Helper script: scripts/pve.sh (relative to this skill)

132 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network