Abstract

One of the most challenging problems in analyzing security data is that it comes in many formats, sizes and locations. Apache Drill is an open source tool that enables you to query many different types of data using standard ANSI SQL. Out of the box, Drill can query many kinds of security-related data, including PCAP, PCAP-NG, Syslog, HTTPD/NGINX logs, JSON, CSV and many others. Drill can also directly query many source systems such as JDBC databases, MongoDB and Kafka. Additionally, custom plugins exist to query other data sources such as Excel, BlockChain, HDF5 and more.

Videos