Company
Date Published
Author
Paul Ewing • Ross Wolf • Anjum Ahuja • Justin Ibarra
Word count
2241
Language
-
Hacker News points
None

Summary

Event Query Language (EQL) is a query language for expressing relationships between events, so that adversary-behaviour detections can be written in terms of what happened rather than in terms of the technology that recorded it. First built into the Endgame platform for behavior-based detection, EQL has been open-sourced and applies equally to searching, data stacking, and hunting for complex behaviours. The Python implementation supports Python 2.7 and 3.5 through 3.7 and installs from PyPI. To get users started, the authors provide a static test dataset and an EQL Analytics Library of behavior-based detections mapped to MITRE ATT&CK™, and the guide walks through generating test data with Sysmon and Atomic Red Team. EQL can query individual event types and chain them into sequences; a sequence of related events is far more specific than any single event, which is how sequencing reduces false positives. The post stresses data normalization and platform agnosticism: a query is written against a normalized field set, and a schema mapping adapts it to a given data source. It closes by inviting community contributions of analytics and describing the TOML analytic schema used to define and maintain rules.
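The two points the summary leans on, normalizing raw source events into a common schema and chaining events into a sequence, are easier to see in code. The block below is example code written for this page; it is not the eql library, not the Endgame/eqllib code, and it does not parse EQL. The schema map, the field names, the 30-second window, and the Sysmon-style sample records are all constructed. The EQL queries quoted in the docstrings are the queries the hand-rolled matcher mimics.

```python
"""
Illustration (added for this page, not the eql library): normalize raw
Sysmon-style records into one field set, then compare a single-event query
with a two-stage sequence over the same data.  All names, the schema map
and the sample records are constructed for the example.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed schema map: Sysmon event name -> (normalized event type,
# {raw field: normalized field}).  Adapting the queries to another data
# source means swapping this table, not rewriting the queries.
SYSMON_MAP = {
    "ProcessCreate": ("process", {"Image": "process_path", "ProcessId": "pid",
                                  "CommandLine": "command_line", "UtcTime": "timestamp"}),
    "NetworkConnect": ("network", {"Image": "process_path", "ProcessId": "pid",
                                   "DestinationPort": "destination_port", "UtcTime": "timestamp"}),
}

def normalise(raw):
    """Map one raw Sysmon-style record into the common schema."""
    event_type, fields = SYSMON_MAP[raw["EventName"]]
    event = {"event_type": event_type}
    for src, dst in fields.items():
        if src in raw:
            event[dst] = raw[src]
    event["timestamp"] = datetime.strptime(event["timestamp"], "%Y-%m-%d %H:%M:%S")
    # Derived field so queries can test process_name instead of parsing a path.
    event["process_name"] = event["process_path"].rsplit("\\", 1)[-1].lower()
    return event

# Constructed sample records in Sysmon's own naming (EventName, UtcTime, Image ...).
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
CMD = r"C:\Windows\System32\cmd.exe"
RAW_SYSMON = [
    {"EventName": "ProcessCreate",  "UtcTime": "2019-08-01 10:00:00", "ProcessId": 100,
     "Image": CMD, "CommandLine": "cmd.exe /c dir"},
    {"EventName": "ProcessCreate",  "UtcTime": "2019-08-01 10:00:05", "ProcessId": 200,
     "Image": PS, "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"EventName": "NetworkConnect", "UtcTime": "2019-08-01 10:00:09", "ProcessId": 200,
     "Image": PS, "DestinationPort": 443},
    {"EventName": "ProcessCreate",  "UtcTime": "2019-08-01 10:01:00", "ProcessId": 300,
     "Image": PS, "CommandLine": "powershell.exe Get-Help Get-Process"},
    {"EventName": "ProcessCreate",  "UtcTime": "2019-08-01 10:02:00", "ProcessId": 400,
     "Image": PS, "CommandLine": "powershell.exe -File C:\\scripts\\backup.ps1"},
    {"EventName": "NetworkConnect", "UtcTime": "2019-08-01 10:02:10", "ProcessId": 100,
     "Image": CMD, "DestinationPort": 80},
    {"EventName": "NetworkConnect", "UtcTime": "2019-08-01 10:03:00", "ProcessId": 400,
     "Image": PS, "DestinationPort": 443},
]
EVENTS = [normalise(r) for r in RAW_SYSMON]

def run_query(events, event_type, predicate):
    """Single-event query, e.g.  process where process_name == "powershell.exe"."""
    return [e for e in events if e["event_type"] == event_type and predicate(e)]

def run_sequence(events, stages, by, maxspan):
    """Minimal matcher in the spirit of
        sequence by <by> with maxspan=<maxspan> [stage 0] [stage 1] ...
    Events are replayed in time order; partial matches are tracked per `by`
    value and dropped once `maxspan` has elapsed since their first event."""
    partial = defaultdict(list)   # by-value -> list of partially matched chains
    matches = []
    for event in sorted(events, key=lambda e: e["timestamp"]):
        key = event.get(by)
        if key is None:
            continue
        kept = []
        for chain in partial[key]:
            if event["timestamp"] - chain[0]["timestamp"] > maxspan:
                continue                       # expired: drop the chain
            stage_type, pred = stages[len(chain)]
            if event["event_type"] == stage_type and pred(event):
                chain = chain + [event]
                if len(chain) == len(stages):
                    matches.append(chain)      # completed: stop tracking it
                    continue
            kept.append(chain)
        partial[key] = kept
        stage_type, pred = stages[0]
        if event["event_type"] == stage_type and pred(event):
            kept.append([event])               # open a new chain at stage 0
    return matches

def is_powershell(e):
    return e["process_name"] == "powershell.exe"

def outbound_tls(e):
    return e["destination_port"] == 443

def single_query_hits():
    """process where process_name == "powershell.exe"   (every launch: noisy)."""
    return run_query(EVENTS, "process", is_powershell)

def sequence_hits():
    """sequence by pid with maxspan=30s
         [process where process_name == "powershell.exe"]
         [network where destination_port == 443]"""
    return run_sequence(EVENTS, [("process", is_powershell), ("network", outbound_tls)],
                        by="pid", maxspan=timedelta(seconds=30))

if __name__ == "__main__":
    print("single-event hits (pids):", [e["pid"] for e in single_query_hits()])
    print("sequence hits (pids):   ", [c[0]["pid"] for c in sequence_hits()])
```

The single-event query fires on all three PowerShell launches, including the interactive Get-Help and the scheduled backup script. The sequence fires once, on pid 200, because pid 400's connection arrives 60 seconds after its launch and falls outside the 30-second window; that pruning by join key and time span is what the post means by sequencing reducing false positives.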