Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.

Nov 5, 2025 · We aim to publish a new Zeek release about every four months. For users seeking more stability, we maintain dedicated long-term support (LTS) releases with one year of …

Oct 13, 2025 · The purpose of this manual is to assist the Zeek community with implementing Zeek in their environments. It includes material on Zeek’s unique capabilities, how to install it, …

Oct 13, 2025 · Think of the Zeek language as a “domain-specific Python” (or Perl): just like Python, the system comes with a large set of pre-built functionality (the “standard library”), yet …

Zeek works on most modern Unix-based systems and does not require custom hardware. See Installing Zeek in order to install from pre-built binary packages, or Building from Source in …

Zeek is an open-source software platform that generates compact, high-fidelity transaction logs, file content, and fully customizable outputs, providing analysts with actionable data.

Oct 13, 2025 · Zeek possesses the capability to write the logs in several formats and perform certain log management processes like compression and archiving. Analysts make use of …

Who's using Zeek? Zeek supports network operations at a broad variety of sites, including major corporations, universities, research labs, and supercomputing centers. It’s also used widely by …

With those settings, the package manager will install Zeek scripts, Zeek plugins, and ZeekControl plugins into directories where zeek and zeekctl will, by default, look for them. ZeekControl …

Click run and see the Zeek magic happen. You may need to scroll down a bit to get to the output. In this simple example you can see already a specialty of Zeek, the "event". Zeek is event …