WELA (Windows Event Log Analyzer) ゑ羅

A tool for auditing Windows event log settings.
Created by Yamato Security — make sure you are actually recording the events that matter for DFIR.

📖 Read the Documentation →

_{Available in 15 languages — English · 日本語 · 繁體中文 · 한국어 · Deutsch · Türkçe · Français · Español · Português (Brasil) · Українська · हिन्दी · Bahasa Indonesia · မြန်မာဘာသာ · ไทย · العربية}

---

🦅 About

WELA (Windows Event Log Analyzer, ゑ羅) is a tool for auditing Windows event log settings. Windows event logs are a vital source of information for Digital Forensics and Incident Response (DFIR) — WELA checks your audit policy and log file sizes against best-practice guidelines and real-world Sigma-rule detectability, and can apply the recommended settings for you.

📖 Documentation

All documentation now lives on a dedicated, searchable, multi-language site:

👉 yamato-security.github.io/WELA

Section
🚀 Getting Started	Prerequisites, downloads and running WELA
⌨️ Command Reference	audit-settings, audit-filesize, configure, update-rules
✨ Features	What WELA can do
📦 Resources	Companion projects, changelog, contributing

⬇️ Download

Grab the latest release from the Releases page.

🗂️ Looking for the old README?

The previous single-page README is preserved unchanged:

• 📄 OLD-README.md — English
• 📄 OLD-README-Japanese.md — 日本語

🤝 Contributing & License

Contributions and bug reports are welcome — see Contributing & Support. WELA is released under the MIT license.

---

Made by Yamato Security  ·  @SecurityYamato