Please turn JavaScript on
Find more feeds
Zeek icon

Zeek

Want to keep yourself up to date with the latest news from Zeek?

Subscribe using the "Follow" button below and we provide you with customized updates, via topic or tag, that get delivered to your email address, your smartphone or on your dedicated news page on follow.it.

You can unsubscribe at any time painlessly.

Title of Zeek: "The Zeek Network Security Monitor"

Is this your feed? Claim it!

Publisher:  Unclaimed!
Message frequency:  0.14 / day

Message History

Introducing Zeek 8.2

The Zeek team is proud to announce Zeek 8.2! This release marks our final checkpoint on the road to Zeek 9, and rounds out our new ZeroMQ support in important ways. It also includes a range of new features and improvements, so let’s cover the highlights in this blog post...


Read full story
How Do You Know Zeek Is Working? What Practitioners Actually Monitor

Getting Zeek deployed is one thing. Keeping it running well is another, and it looks different for every environment. Last month, we asked the Zeek community: once Zeek is in production, what does the ongoing care actually look like? What do you monitor, what have you automated, and what have you learned the hard way?

The answers varied by environment, but three themes...


Read full story
How to Write Zeek Logs in JSON & TSV Simultaneously

Zeek can write the same log stream in multiple formats simultaneously. If you need JSON for your SIEM and TSV for long-term archives, you’re in luck: a few lines of code handles both.

There are several reasons one might want two log formats simultaneously. For example, you could log TSV files to disk for long-term archiving, and send off json-logs to your SIEM platform...


Read full story
Revisiting Weird-ness: Investigating DNS NOTIFY at Scale
Read full story
Zeek 8.2 Development Update
Read full story