After Event Viewer crashed on a 400 MB .evtx, I wrote my own log triage CLI

The author created a CLI tool called ThreatLens to triage log files, particularly Windows event logs (.evtx), after running into Event Viewer's limitations. It supports Sigma rules for detection and can output results to Elasticsearch. The tool is lightweight, requires no infrastructure setup, and is suited to analyzing logs from a single machine.
