[Tool] Native JSONL viewer for analyzing massive security logs (Suricata, Zeek, EDR) without infrastructure overhead
Got tired of your log analysis workflow being: export logs → wait for jq → try different filter → wait again → eventually load into ELK → wait for indexing. Built JSONL Viewer Pro to solve this. Native desktop app (Mac) that handles the log analysis I do daily without needing infrastructure.

Technical details:
- Multi-threaded simdjson parser – opens 5GB files in ~10 seconds
- Automatic nested JSON flattening (alert.signature, flow.bytes_toserver, etc.)
- Advanced filtering with operators: alert.severity <= 2, flow.bytes > 100000
- Handles 10M+ rows in memory
- C++ native implementation (6MB binary, not Electron)
- Supports .jsonl and .jsonl.gz

Supported formats:
- Suricata EVE JSON logs
- Zeek (Bro) JSON logs
- EDR logs (CrowdStrike, SentinelOne, etc.)
- Cloud audit trails (CloudTrail, Azure, GCP)
- Any JSONL-formatted security data

Workflow improvements:
- Daily log review: load overnight alerts, filter by severity, export indicators
- Threat hunting: quick pivots on IPs, domains, hashes across millions of records
- Incident response: rapidly filter timeline data without waiting for SIEM queries
- IOC extraction: filter and export specific fields for threat intel

Privacy/Security:
- Zero telemetry
- No internet connection required
- Data never leaves your machine
- Good for analyzing sensitive logs on air-gapped systems

Launch pricing: $49 (normally $79)
https://iotdata.systems/jsonlviewerpro/

Built this for my own workflow but would love feedback from other analysts. What log formats or features would make this more useful?

submitted by /u/hilti
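The post describes two mechanics that are worth seeing in code: flattening nested JSON into dotted keys (alert.signature, flow.bytes_toserver) and filtering on those keys with comparison operators (alert.severity <= 2), over plain or gzip-compressed JSONL. The following is an added, stand-alone Python sketch of those semantics, written for this thread; it is not code from JSONL Viewer Pro (which is C++/simdjson) and makes no claim about how that tool implements them. The sample EVE-style records, the field names and the helper names (flatten, parse_records, records_from_bytes, compile_filter, filter_records, unique_values) are all constructed here. It also shows two things an analyst hits in practice that the post does not spell out: a truncated last line in a rotating log, and a filter that compares a number against a string.

```python
"""Added example (not JSONL Viewer Pro code): flatten JSONL records into dotted
keys and filter them with 'field OP value' expressions, with gzip sniffing and
tolerance for malformed lines. All sample data below is constructed."""
import gzip
import io
import json
import operator
import re
from typing import Any, Dict, Iterable, Iterator, List, Optional

# Constructed sample in Suricata EVE shape (not real traffic). The last line is
# deliberately truncated, as the tail of a log mid-rotation often is.
SAMPLE_EVE = "\n".join([
    json.dumps({"timestamp": "2024-05-01T08:00:01.123456+0000", "event_type": "alert",
                "src_ip": "10.0.0.5", "dest_ip": "203.0.113.10", "proto": "TCP",
                "alert": {"signature": "ET MALWARE Test Beacon", "severity": 1},
                "flow": {"bytes_toserver": 250000, "bytes_toclient": 1200}}),
    json.dumps({"timestamp": "2024-05-01T08:00:02.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.7", "dest_ip": "198.51.100.20", "proto": "TCP",
                "alert": {"signature": "ET INFO Test Policy", "severity": 3},
                "flow": {"bytes_toserver": 400, "bytes_toclient": 900}}),
    json.dumps({"timestamp": "2024-05-01T08:00:03.000000+0000", "event_type": "flow",
                "src_ip": "10.0.0.9", "dest_ip": "203.0.113.10", "proto": "UDP",
                "flow": {"bytes_toserver": 120000, "bytes_toclient": 5}}),
    '{"event_type": "alert", "alert": {"severity": 1',
]) + "\n"
SAMPLE_EVE_GZ = gzip.compress(SAMPLE_EVE.encode("utf-8"))  # same data as a .jsonl.gz
GZIP_MAGIC = b"\x1f\x8b"

Flat = Dict[str, Any]


def flatten(obj: Any, prefix: str = "") -> Flat:
    """{"alert": {"severity": 1}} -> {"alert.severity": 1}; list indices become key parts."""
    out: Flat = {}
    if isinstance(obj, dict):
        for key, val in obj.items():
            out.update(flatten(val, f"{prefix}{key}."))
    elif isinstance(obj, list):
        for idx, val in enumerate(obj):
            out.update(flatten(val, f"{prefix}{idx}."))
    else:
        out[prefix[:-1]] = obj
    return out


def parse_records(lines: Iterable[str], skipped: Optional[List[int]] = None) -> Iterator[Flat]:
    """Yield one flattened dict per JSON line; record (rather than raise on) bad lines."""
    for lineno, line in enumerate(lines, 1):
        if not line.strip():
            continue
        try:
            yield flatten(json.loads(line))
        except json.JSONDecodeError:
            if skipped is not None:
                skipped.append(lineno)


def records_from_bytes(data: bytes, skipped: Optional[List[int]] = None) -> Iterator[Flat]:
    """Stream records from raw .jsonl or .jsonl.gz bytes, sniffing the gzip magic
    instead of trusting the file extension."""
    raw = io.BytesIO(data)
    stream = gzip.GzipFile(fileobj=raw) if data[:2] == GZIP_MAGIC else raw
    return parse_records(io.TextIOWrapper(stream, encoding="utf-8", errors="replace"), skipped)


def records_from_path(path: str, skipped: Optional[List[int]] = None) -> Iterator[Flat]:
    """Same, streaming from disk so a multi-GB file is never read into memory at once."""
    with open(path, "rb") as fh:
        magic = fh.read(2)
    opener = gzip.open if magic == GZIP_MAGIC else open
    with opener(path, "rt", encoding="utf-8", errors="replace") as fh:
        yield from parse_records(fh, skipped)


OPS = {"<=": operator.le, ">=": operator.ge, "==": operator.eq, "!=": operator.ne,
       "<": operator.lt, ">": operator.gt}
FILTER_RE = re.compile(r"^\s*([\w.]+)\s*(<=|>=|==|!=|<|>)\s*(.+?)\s*$")


def compile_filter(expr: str):
    """Parse 'field OP value' into a predicate over a flattened record. The value is
    read as JSON (numbers, "quoted strings", true/false/null) or else as a bare string.
    A missing field or a type mismatch (int vs str) is a non-match, not a crash."""
    m = FILTER_RE.match(expr)
    if not m:
        raise ValueError(f"unsupported filter: {expr!r}")
    field, op, raw = m.groups()
    try:
        value = json.loads(raw)
    except ValueError:
        value = raw
    cmp = OPS[op]

    def pred(rec: Flat) -> bool:
        if field not in rec:
            return False
        try:
            return bool(cmp(rec[field], value))
        except TypeError:  # e.g. "alert.severity < high"
            return False
    return pred


def filter_records(records: Iterable[Flat], *exprs: str) -> List[Flat]:
    """Keep records that satisfy every expression (expressions are ANDed)."""
    preds = [compile_filter(e) for e in exprs]
    return [r for r in records if all(p(r) for p in preds)]


def unique_values(records: Iterable[Flat], field: str) -> List[Any]:
    """Distinct values of one field: the pivot / IOC-export step."""
    return sorted({r[field] for r in records if field in r}, key=str)


if __name__ == "__main__":
    skipped: List[int] = []
    recs = list(records_from_bytes(SAMPLE_EVE_GZ, skipped))
    print(f"{len(recs)} records parsed, malformed line(s) skipped: {skipped}")
    for r in filter_records(recs, "event_type == alert", "alert.severity <= 2"):
        print(r["timestamp"], r["src_ip"], "->", r["dest_ip"], r["alert.signature"])
    print("dest IPs on high-volume flows:",
          unique_values(filter_records(recs, "flow.bytes_toserver > 100000"), "dest_ip"))
```

Two design points. Values on the right-hand side of a filter are decoded as JSON first, so `alert.severity <= 2` compares integers while `alert.signature == "ET MALWARE Test Beacon"` compares strings, and a bare word such as `event_type == alert` is treated as a string; a mismatched comparison (`alert.severity < high`) simply matches nothing, which is the behaviour you want when a field changes type across log versions. Gzip is detected from the magic bytes rather than the extension, so a mislabelled export still opens.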