- The Zeek Network Security Monitor
Zeek has been a cornerstone of the open-source and cybersecurity communities for decades. Originally developed by Vern Paxson in the 1990s under the name “Bro,” Zeek was designed to provide deep insights into network activity across university and national lab networks.
- Get Zeek
We aim to publish a new Zeek release about every four months. For users seeking more stability, we maintain dedicated long-term support (LTS) releases with one year of maintenance.
- Zeek Documentation — Book of Zeek (8.1.0-dev.682)
The purpose of this manual is to assist the Zeek community with implementing Zeek in their environments. It includes material on Zeek’s unique capabilities, how to install it, how to interpret the default logs that Zeek generates, and how to modify Zeek to fit your needs.
- Quick Start Guide — Book of Zeek (8.1.0-dev.682)
Zeek works on most modern Unix-based systems and does not require custom hardware. See Installing Zeek in order to install from pre-built binary packages, or Building from Source in order to build Zeek from source.
- About - Zeek
With its powerful, network-optimized programming language, vibrant open-source community, and global adoption, Zeek offers the insights needed to tackle the toughest network challenges across enterprise, cloud, and industrial computing environments. Zeek is licensed under the permissive BSD license.
- FAQs - Zeek
Who's using Zeek? Zeek supports network operations at a broad variety of sites, including major corporations, universities, research labs, and supercomputing centers. It’s also used widely by researchers to prototype novel network analyses and, more generally, for measuring network properties.
- Try Zeek
Click run and see the Zeek magic happen. You may need to scroll down a bit to get to the output. In this simple example you can see already a specialty of Zeek, the "event". Zeek is event-driven. This means you can control any execution by making it dependent on an event trigger.
- Monitoring With Zeek — Book of Zeek (8.1.0-dev.682)
Zeek possesses the capability to write the logs in several formats and perform certain log management processes like compression and archiving. Analysts make use of Zeek data by reviewing the logs it generates.