{"id":"34f8e2cd-1b2b-4e5e-9661-65ce984fa4ef","shortId":"76rQkg","kind":"skill","title":"Turn Windows event logs into Sigma-backed threat-hunting timelines with Hayabusa","tagline":"Parse Windows event logs into fast timelines and detection-rich outputs so agents can triage suspicious host activity, search for known patterns, and hand investigators reviewable artifacts.","description":"# Turn Windows event logs into Sigma-backed threat-hunting timelines with Hayabusa\n\nParse Windows event logs into fast timelines and detection-rich outputs so agents can triage suspicious host activity, search for known patterns, and hand investigators reviewable artifacts.\n\n## Prerequisites\n\nHayabusa plus Windows event logs from a live system, offline collection, or enterprise collection pipeline.\n\n## Installation\n\nNo source-backed install or usage instructions could be extracted automatically. Review the upstream project before running this skill in a sensitive workflow.\n\n- Source: https://github.com/Yamato-Security/hayabusa\n\n## Documentation\n\n- https://github.com/Yamato-Security/hayabusa\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa/)","tags":["turn","windows","event","logs","into","sigma","backed","threat","hunting","timelines","with","hayabusa"],"capabilities":["skill","source-agentskillexchange","skill-turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (857 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:57.334Z","embedding":null,"createdAt":"2026-05-18T13:20:06.684Z","updatedAt":"2026-05-18T19:12:57.334Z","lastSeenAt":"2026-05-18T19:12:57.334Z","tsv":"'/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa/)':140 '/yamato-security/hayabusa':129,133 'activ':33,75 'agent':28,70,135 'agentskillexchange.com':139 'agentskillexchange.com/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa/)':138 'artifact':42,84 'automat':113 'back':8,50,105 'collect':96,99 'could':110 'detect':24,66 'detection-rich':23,65 'document':130 'enterpris':98 'event':3,17,45,59,89 'exchang':137 'extract':112 'fast':20,62 'github.com':128,132 'github.com/yamato-security/hayabusa':127,131 'hand':39,81 'hayabusa':14,56,86 'host':32,74 'hunt':11,53 'instal':101,106 'instruct':109 'investig':40,82 'known':36,78 'live':93 'log':4,18,46,60,90 'offlin':95 'output':26,68 'pars':15,57 'pattern':37,79 'pipelin':100 'plus':87 'prerequisit':85 'project':117 'review':41,83,114 'rich':25,67 'run':119 'search':34,76 'sensit':124 'sigma':7,49 'sigma-back':6,48 'skill':121,136 'skill-turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa' 'sourc':104,126,134 'source-agentskillexchange' 'source-back':103 'suspici':31,73 'system':94 'threat':10,52 'threat-hunt':9,51 'timelin':12,21,54,63 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'triag':30,72 'turn':1,43 'upstream':116 'usag':108 'window':2,16,44,58,88 'workflow':125","prices":[{"id":"daf3cc2a-9f4f-47a8-b8c6-422c79f5d68f","listingId":"34f8e2cd-1b2b-4e5e-9661-65ce984fa4ef","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:20:06.684Z"}],"sources":[{"listingId":"34f8e2cd-1b2b-4e5e-9661-65ce984fa4ef","source":"github","sourceId":"agentskillexchange/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa","isPrimary":false,"firstSeenAt":"2026-05-18T13:20:06.684Z","lastSeenAt":"2026-05-18T19:12:57.334Z"}],"details":{"listingId":"34f8e2cd-1b2b-4e5e-9661-65ce984fa4ef","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"98a393cc8ae32c1e9000853dc75e99f52137faca","skill_md_path":"skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Turn Windows event logs into Sigma-backed threat-hunting timelines with Hayabusa","description":"Parse Windows event logs into fast timelines and detection-rich outputs so agents can triage suspicious host activity, search for known patterns, and hand investigators reviewable artifacts."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/turn-windows-event-logs-into-sigma-backed-threat-hunting-timelines-with-hayabusa"},"updatedAt":"2026-05-18T19:12:57.334Z"}}