easySIEM associates IOC details with each event in real time. Technically, while ingesting logs via Logstash, it validates the remote_ip and md5 hash against IOC threat feeds. The associated IOCs can be searched in the investigation panel by typing a query like
ioc:ip OR ioc:hash. We also provide a threat hunt search engine where you can search for and get details about any domain, email, URL, hash, or IP. The search engine is powered by VirusShare, ThreatCrowd, AlienVault OTX, etc.
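
The ingest-time check described above, sketched in Python as an added example (this is not easySIEM's own Logstash pipeline). The feed contents, the function names, and the layout of the `ioc` field (a list of matched indicator types, so that `ioc:ip OR ioc:hash` can match) are assumptions; only the `remote_ip` and `md5` field names come from the page.

```python
import ipaddress
import re

MD5_RE = re.compile(r"[0-9a-f]{32}")

# Constructed sample feeds: documentation-range IPs and a made-up MD5.
IP_FEED = ["203.0.113.7", "198.51.100.0/24"]
HASH_FEED = ["0123456789ABCDEF0123456789ABCDEF"]

def load_feeds(ip_entries, hash_entries):
    """Normalise feed entries: IPs/CIDRs become networks, MD5s lowercase hex."""
    networks = [ipaddress.ip_network(e.strip(), strict=False) for e in ip_entries]
    hashes = {h.strip().lower() for h in hash_entries}
    return networks, {h for h in hashes if MD5_RE.fullmatch(h)}

def enrich(event, networks, hashes):
    """Return a copy of the event, adding `ioc` with each indicator type that matched."""
    matched = []
    try:
        addr = ipaddress.ip_address(str(event.get("remote_ip", "")).strip())
        if any(addr in net for net in networks):
            matched.append("ip")
    except ValueError:
        pass  # missing or malformed address: no IP match, the event is still kept
    md5 = str(event.get("md5", "")).strip().lower()
    if MD5_RE.fullmatch(md5) and md5 in hashes:
        matched.append("hash")
    enriched = dict(event)
    if matched:
        enriched["ioc"] = matched  # assumed field layout, so ioc:ip / ioc:hash can match
    return enriched

# Constructed sample events using the page's field names.
EVENTS = [
    {"remote_ip": "198.51.100.23", "md5": "0123456789abcdef0123456789abcdef"},
    {"remote_ip": "203.0.113.7"},
    {"remote_ip": "192.0.2.10", "md5": "ffffffffffffffffffffffffffffffff"},
    {"remote_ip": "not-an-ip"},
]

def run_demo():
    networks, hashes = load_feeds(IP_FEED, HASH_FEED)
    return [enrich(e, networks, hashes) for e in EVENTS]

if __name__ == "__main__":
    for event in run_demo():
        print(event)
```

Normalising case and parsing addresses before the lookup matters in practice: feeds and log sources rarely agree on hash casing, and a malformed `remote_ip` should leave the event untagged rather than break ingestion.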