zeek

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

The Zeek Network Security Monitor

A powerful framework for network
traffic analysis and security monitoring.

Follow us on Twitter at @zeekurity.

Key Features

  • In-depth Analysis
    Zeek ships with analyzers for many protocols, enabling high-level semantic
    analysis at the application layer.

  • Adaptable and Flexible
    Zeek's domain-specific scripting language enables site-specific monitoring
    policies and means that it is not restricted to any particular detection
    approach.

  • Efficient
    Zeek targets high-performance networks and is used operationally at a variety
    of large sites.

  • Highly Stateful
    Zeek keeps extensive application-layer state about the network it monitors
    and provides a high-level archive of a network's activity.

Getting Started

The best place to find information about getting started with Zeek is
our web site www.zeek.org, specifically the documentation section
there. On the web site you can also find downloads for stable
releases, tutorials on getting Zeek set up, and many other useful
resources.

You can find release notes in NEWS,
and a complete record of all changes in CHANGES.

To work with the most recent code from the development branch of Zeek,
clone the master git repository:

git clone --recursive https://github.com/zeek/zeek

With all dependencies in place, build and install:

./configure && make && sudo make install

Write your first Zeek script:

# File "hello.zeek"

event zeek_init()
    {
    print "Hello World!";
    }

And run it:

zeek hello.zeek

To learn more about the Zeek scripting language, try.zeek.org is a
great resource.
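
One step past "Hello World!": a small site-specific monitoring policy of the kind described under Key Features. This is an added example, not part of the Zeek README or the project's own scripts; the module name, notice type, networks and port list are hypothetical, constructed values.

```zeek
# File "site-policy.zeek" (added example; all names and values are constructed)

@load base/frameworks/notice

module SitePolicy;

export {
    redef enum Notice::Type += {
        ## An internal host completed a TCP connection to an external
        ## host on a port outside the site's allow-list.
        Unexpected_Outbound_Port
    };

    ## Address space this (hypothetical) site treats as internal.
    option internal_nets: set[subnet] = { 10.0.0.0/8, 192.168.0.0/16 };

    ## Outbound TCP service ports the policy allows.
    option allowed_ports: set[port] = { 53/tcp, 80/tcp, 443/tcp };
}

# connection_established fires once a TCP handshake has completed,
# so half-open scans and UDP flows are not considered here.
event connection_established(c: connection)
    {
    local orig = c$id$orig_h;
    local resp = c$id$resp_h;
    local svc = c$id$resp_p;

    # Only outbound traffic: internal originator, external responder.
    if ( orig !in internal_nets || resp in internal_nets )
        return;

    if ( svc in allowed_ports )
        return;

    # One notice per (originator, responder, port) per hour.
    NOTICE([$note=Unexpected_Outbound_Port,
            $conn=c,
            $msg=fmt("%s connected to %s on %s", orig, resp, svc),
            $identifier=cat(orig, resp, svc),
            $suppress_for=1hr]);
    }
```

Run it against a capture with `zeek -r <pcap> site-policy.zeek`; matching connections are written to notice.log.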

Development

Zeek is developed on GitHub by its community. We welcome
contributions. Working on an open source project like Zeek can be an
incredibly rewarding experience and, packet by packet, makes the
Internet a little safer. Today, as a result of countless
contributions, Zeek is used operationally around the world by major
companies and educational and scientific institutions alike for
securing their cyber infrastructure.

If you're interested in getting involved, we collect feature requests
and issues on GitHub here and you might find these to be a good place
to get started. More information on Zeek's development can be found
here, and information about its community and mailing lists (which are
fairly active) can be found here.

License

Zeek comes with a BSD license, allowing for free use with virtually no
restrictions. You can find it here.

Overview

Name With Owner: zeek/zeek
Primary Language: C++
Program language: Makefile (Language Count: 13)
Platform
License: Other
Release Count: 154
Last Release Name: latest (Posted on 2024-03-14 12:43:39)
First Release Name: v1.6-dev (Posted on 2011-01-15 15:25:12)
Created At: 2012-07-06 20:30:16
Pushed At: 2024-05-09 00:23:28
Last Commit At: 2024-05-08 13:10:31
Stargazers Count: 5.9k
Watchers Count: 349
Fork Count: 1.2k
Commits Count: 16.4k
Has Issues Enabled
Issues Count: 1359
Issue Open Count: 140
Pull Requests Count: 1904
Pull Requests Open Count: 6
Pull Requests Close Count: 290
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private