DFIR tools, automation, AI
2024-12-20 04:07:41 Author: www.reddit.com (view original) Views: 13

Hi, I am trying to find the best setup for DFIR analysis. I played around with: SOF-ELK, KAPE, EZ Tools, CyLR, Velociraptor, DFIR-IRIS, LogonTracer, Splunk, Timesketch, Chainsaw, Hayabusa.

All of these are super cool tools, but I love automation and integration. You can import some logs with Winlogbeat directly into SOF-ELK, see a beautiful timeline with Timesketch, collect your logs with CyLR or KAPE, etc. None of them are truly integrated together. Velociraptor really helps to collect, but I am searching more on the analysis side. Like a tool that you could give your KAPE collection, import it into SOF-ELK and see a timeline like Timesketch in this same platform. Plus with AI, that could be really cool to have integrated with those analysis tools to help spot quick and easy evidence of compromise.

Maybe I am a dreamer or need to create this, but I would like to know if someone would share their analysis tools and setup that is automated, integrated together and maybe with AI.


Article source: https://www.reddit.com/r/computerforensics/comments/1hibhrc/dfir_tools_automation_ai/