SIEM Query Translator
Source Format
Target Format
Valid
Quick Patterns
Translated Query
high confidence
SecurityEvent | where EventCode == "4625" and src_ip == "10.0.0.1"
Translation Diff
Preserved (1) Modified (2) Lost (1)
EventCode=4, src_ip=1, search, AND
Confidence Breakdown
| Field | Value | Confidence | Reason |
|---|---|---|---|
| EventCode | 4625 | HIGH | Direct field mapping available |
| src_ip | 10.0.0.1 | HIGH | Direct field mapping available |