The Zeek Network Security Monitor
@zeek.org
Zeek is an open source network security monitor.
zeek.org | github.com/zeek | community.zeek.org
zeek.org | github.com/zeek | community.zeek.org
Pinned
Zeek 8 is out! 🍾
Our new LTS release brings fresh features to simplify deployments and boost reliability. Dive into the details: community.zeek.org/t/zeek-featu...
#Zeek #NetworkSecurity #OpenSource
Our new LTS release brings fresh features to simplify deployments and boost reliability. Dive into the details: community.zeek.org/t/zeek-featu...
#Zeek #NetworkSecurity #OpenSource
Zeek 8.0.4 is here with bug fixes and additional improvements. Work on 8.1 continues (ZeroMQ backend, WebSocket support, and ZKG updates) coming mid-December. Check out the full development update: community.zeek.org/t/zeek-newsl...
Zeek Newsletter - Issue 56 - October 2025
Welcome to the Zeek Newsletter In this Issue: Reminders Tip of the Month Community Call Recap Contributor Shoutout Development Updates Ecosystem News Packages Get Involved TL;DR: Zeek 8.0.4 is out ...
community.zeek.org
November 10, 2025 at 6:20 PM
Zeek 8.0.4 is here with bug fixes and additional improvements. Work on 8.1 continues (ZeroMQ backend, WebSocket support, and ZKG updates) coming mid-December. Check out the full development update: community.zeek.org/t/zeek-newsl...
Releases, development updates, workshops, oh my! Check out this month's Zeek newsletter: community.zeek.org/t/zeek-newsl...
November 6, 2025 at 9:41 PM
Releases, development updates, workshops, oh my! Check out this month's Zeek newsletter: community.zeek.org/t/zeek-newsl...
Project updates, community news, and more at tomorrow's Community Call. Join us?
Tune in at 10am Pacific: zeek.org/events/
Tune in at 10am Pacific: zeek.org/events/
November 4, 2025 at 11:12 PM
Project updates, community news, and more at tomorrow's Community Call. Join us?
Tune in at 10am Pacific: zeek.org/events/
Tune in at 10am Pacific: zeek.org/events/
Thinking about coming to a Zeek training? This will give you a good idea of what to expect - take a look at our recap from this year's NSF Cybersecurity Summit: zeek.org/2025/11/insi...
November 4, 2025 at 8:37 PM
Thinking about coming to a Zeek training? This will give you a good idea of what to expect - take a look at our recap from this year's NSF Cybersecurity Summit: zeek.org/2025/11/insi...
We shared a quick summary of Christian's talk from hack.lu - check it out on our blog: zeek.org/2025/10/inte...
October 31, 2025 at 4:15 PM
We shared a quick summary of Christian's talk from hack.lu - check it out on our blog: zeek.org/2025/10/inte...
Our next Community Call is just around the corner. Join us on November 5 at 10am Pacific for quick project updates and a few community lightning talks about Zeek logs 🤠. It's going to be a fun one.
Find the Zoom link on our website 👇
zeek.org/events/
Find the Zoom link on our website 👇
zeek.org/events/
October 29, 2025 at 5:51 PM
Our next Community Call is just around the corner. Join us on November 5 at 10am Pacific for quick project updates and a few community lightning talks about Zeek logs 🤠. It's going to be a fun one.
Find the Zoom link on our website 👇
zeek.org/events/
Find the Zoom link on our website 👇
zeek.org/events/
Did you catch Christian's talk at hack.lu this week? In case you missed it, get caught up here: www.youtube.com/watch?v=WVSz...
Integrating Zeek With Third-Party Applications - Christian Kreibich
YouTube video by Cooper
www.youtube.com
October 23, 2025 at 5:05 PM
Did you catch Christian's talk at hack.lu this week? In case you missed it, get caught up here: www.youtube.com/watch?v=WVSz...
You can now register for Zeek Workshop Europe 2026 at CERN @cern.bsky.social
zeek.org/workshop-cer...
We're looking forward to two days of Zeek sessions, discussion, and learning. Attendance is free - register to secure your spot.
zeek.org/workshop-cer...
We're looking forward to two days of Zeek sessions, discussion, and learning. Attendance is free - register to secure your spot.
October 22, 2025 at 5:40 PM
You can now register for Zeek Workshop Europe 2026 at CERN @cern.bsky.social
zeek.org/workshop-cer...
We're looking forward to two days of Zeek sessions, discussion, and learning. Attendance is free - register to secure your spot.
zeek.org/workshop-cer...
We're looking forward to two days of Zeek sessions, discussion, and learning. Attendance is free - register to secure your spot.
This month's Zeek Tip is all about extracting connection payloads to disk. Want to know the quick command? Find it in the latest newsletter: community.zeek.org/t/zeek-newsl...
October 15, 2025 at 7:27 PM
This month's Zeek Tip is all about extracting connection payloads to disk. Want to know the quick command? Find it in the latest newsletter: community.zeek.org/t/zeek-newsl...
ICYMI @securityonion.bsky.social 2.4.180 is out! Check out more ecosystem news in our latest newsletter: community.zeek.org/t/zeek-newsl...
Zeek Newsletter - Issue 55 - September 2025
Welcome to the Zeek Newsletter In this Issue: Reminders Tip of the Month Community Call Recap Development Updates Ecosystem News Packages Get Involved TL;DR: Voting is open for the Zeek LT election...
community.zeek.org
October 14, 2025 at 4:06 PM
ICYMI @securityonion.bsky.social 2.4.180 is out! Check out more ecosystem news in our latest newsletter: community.zeek.org/t/zeek-newsl...
Mark your calendars - we'll be presenting some events soon. Keep an eye on our newsletter for updates: shorturl.at/NqUmr
✅ Hands-on Zeek training @ NSF Summit (Oct 20)
✅ Integrating Zeek talk @ hack.lu (Oct 21–24)
✅ 2 days of Zeek at CERN (Mar 25-26)
✅ Hands-on Zeek training @ NSF Summit (Oct 20)
✅ Integrating Zeek talk @ hack.lu (Oct 21–24)
✅ 2 days of Zeek at CERN (Mar 25-26)
Zeek Newsletter - Issue 55 - September 2025
Welcome to the Zeek Newsletter In this Issue: Reminders Tip of the Month Community Call Recap Development Updates Ecosystem News Packages Get Involved TL;DR: Voting is open for the Zeek LT election...
shorturl.at
October 8, 2025 at 10:08 PM
Mark your calendars - we'll be presenting some events soon. Keep an eye on our newsletter for updates: shorturl.at/NqUmr
✅ Hands-on Zeek training @ NSF Summit (Oct 20)
✅ Integrating Zeek talk @ hack.lu (Oct 21–24)
✅ 2 days of Zeek at CERN (Mar 25-26)
✅ Hands-on Zeek training @ NSF Summit (Oct 20)
✅ Integrating Zeek talk @ hack.lu (Oct 21–24)
✅ 2 days of Zeek at CERN (Mar 25-26)
Ever tried making Oracle traffic visible in Zeek?
Georges built a parser for the TNS protocol that logs SQL statements, connections, and errors, giving Security Onion users a clearer view of database activity.
Check it out: www.youtube.com/watch?v=haDt...
#Zeek #NetworkSecurity #OpenSource
Georges built a parser for the TNS protocol that logs SQL statements, connections, and errors, giving Security Onion users a clearer view of database activity.
Check it out: www.youtube.com/watch?v=haDt...
#Zeek #NetworkSecurity #OpenSource
Building a Zeek TNS Parser for Oracle Traffic – Georges Nasr | Cybersecurity Consultant
YouTube video by Zeek
www.youtube.com
October 7, 2025 at 5:21 PM
Ever tried making Oracle traffic visible in Zeek?
Georges built a parser for the TNS protocol that logs SQL statements, connections, and errors, giving Security Onion users a clearer view of database activity.
Check it out: www.youtube.com/watch?v=haDt...
#Zeek #NetworkSecurity #OpenSource
Georges built a parser for the TNS protocol that logs SQL statements, connections, and errors, giving Security Onion users a clearer view of database activity.
Check it out: www.youtube.com/watch?v=haDt...
#Zeek #NetworkSecurity #OpenSource
Zeek 8.1 development underway with plans for ZeroMQ to be the default cluster backend. If you’re building integrations, now’s the perfect time to share your experiences and help shape the future of Zeek. Read more in our latest newsletter: community.zeek.org/t/zeek-newsl...
Zeek Newsletter - Issue 55 - September 2025
Welcome to the Zeek Newsletter In this Issue: Reminders Tip of the Month Community Call Recap Development Updates Ecosystem News Packages Get Involved TL;DR: Voting is open for the Zeek LT election...
community.zeek.org
October 6, 2025 at 4:51 PM
Zeek 8.1 development underway with plans for ZeroMQ to be the default cluster backend. If you’re building integrations, now’s the perfect time to share your experiences and help shape the future of Zeek. Read more in our latest newsletter: community.zeek.org/t/zeek-newsl...
Thinking about contributing to Zeek? We put together 5 practical entry points - docs, testing, community, and more.
zeek.org/2025/10/5-wa...
zeek.org/2025/10/5-wa...
October 3, 2025 at 4:57 PM
Thinking about contributing to Zeek? We put together 5 practical entry points - docs, testing, community, and more.
zeek.org/2025/10/5-wa...
zeek.org/2025/10/5-wa...
In this issue: LT election updates, 8.1 development, community news, and much more. Check it out: community.zeek.org/t/zeek-newsl...
October 2, 2025 at 7:24 PM
In this issue: LT election updates, 8.1 development, community news, and much more. Check it out: community.zeek.org/t/zeek-newsl...
Mark it down: March 25–26, Zeek Workshop Europe at CERN @cern.bsky.social in Geneva. Registration opens soon!
October 1, 2025 at 10:01 PM
Mark it down: March 25–26, Zeek Workshop Europe at CERN @cern.bsky.social in Geneva. Registration opens soon!
Tomorrow’s Community Call will feature a lightning talk on Zeek TNS Parsers & CEF Forwarders, plus team updates and project news. Join us! zeek.org/events/
September 30, 2025 at 7:46 PM
Tomorrow’s Community Call will feature a lightning talk on Zeek TNS Parsers & CEF Forwarders, plus team updates and project news. Join us! zeek.org/events/
The next Zeek Community Call will be October 1 at 10am PT. We're excited to share project updates and have another community lightning talk - grab the Zoom link here: zeek.org/events/
September 24, 2025 at 6:40 PM
The next Zeek Community Call will be October 1 at 10am PT. We're excited to share project updates and have another community lightning talk - grab the Zoom link here: zeek.org/events/
Under the hood in Zeek 8: Spicy’s getting an upgrade 🌶️
We’re excited to introduce infrastructure changes that will pave the way for faster parsers and better performance over time. For more info about Spicy, head to our docs: docs.zeek.org/projects/spi...
#Zeek #Networking #Security
We’re excited to introduce infrastructure changes that will pave the way for faster parsers and better performance over time. For more info about Spicy, head to our docs: docs.zeek.org/projects/spi...
#Zeek #Networking #Security
Spicy — Generating Robust Parsers for Protocols & File Formats — Spicy v1.15.0-dev.69
docs.zeek.org
September 23, 2025 at 8:42 PM
Under the hood in Zeek 8: Spicy’s getting an upgrade 🌶️
We’re excited to introduce infrastructure changes that will pave the way for faster parsers and better performance over time. For more info about Spicy, head to our docs: docs.zeek.org/projects/spi...
#Zeek #Networking #Security
We’re excited to introduce infrastructure changes that will pave the way for faster parsers and better performance over time. For more info about Spicy, head to our docs: docs.zeek.org/projects/spi...
#Zeek #Networking #Security
ICYMI: Zeek 8 now supports Redis traffic.
With the new Redis analyzer, every command is logged to redis.log making it easier to see what’s happening across connections, spot trends, and monitor sensitive access.
More info: zeek.org/2025/08/intr...
#Zeek #Redis #NetworkSecurity
With the new Redis analyzer, every command is logged to redis.log making it easier to see what’s happening across connections, spot trends, and monitor sensitive access.
More info: zeek.org/2025/08/intr...
#Zeek #Redis #NetworkSecurity
September 22, 2025 at 4:59 PM
ICYMI: Zeek 8 now supports Redis traffic.
With the new Redis analyzer, every command is logged to redis.log making it easier to see what’s happening across connections, spot trends, and monitor sensitive access.
More info: zeek.org/2025/08/intr...
#Zeek #Redis #NetworkSecurity
With the new Redis analyzer, every command is logged to redis.log making it easier to see what’s happening across connections, spot trends, and monitor sensitive access.
More info: zeek.org/2025/08/intr...
#Zeek #Redis #NetworkSecurity
Tracking connections in tricky networks? Zeek 8 makes it easier with pluggable flow tuples. More accurate flow tracking, right out of the box (even in VLANs or virtualized setups).
Docs: docs.zeek.org/en/master/de...
#Zeek #CyberSecurity #NetworkMonitoring #OpenSource
Docs: docs.zeek.org/en/master/de...
#Zeek #CyberSecurity #NetworkMonitoring #OpenSource
Writing a Connection Key Plugin — Book of Zeek (git/master)
docs.zeek.org
September 17, 2025 at 5:14 PM
Tracking connections in tricky networks? Zeek 8 makes it easier with pluggable flow tuples. More accurate flow tracking, right out of the box (even in VLANs or virtualized setups).
Docs: docs.zeek.org/en/master/de...
#Zeek #CyberSecurity #NetworkMonitoring #OpenSource
Docs: docs.zeek.org/en/master/de...
#Zeek #CyberSecurity #NetworkMonitoring #OpenSource
Storage Framework = one of the most exciting recent Zeek features. We put together a quick video showing how it works and what it enables. If you missed it before, give it a watch: youtu.be/6h7kZ0zsVTc
Zeek 8’s New Storage Framework Explained
YouTube video by Zeek
youtu.be
September 16, 2025 at 4:42 PM
Storage Framework = one of the most exciting recent Zeek features. We put together a quick video showing how it works and what it enables. If you missed it before, give it a watch: youtu.be/6h7kZ0zsVTc
Last call: The nomination period for this year's Leadership Team election ends tomorrow! shorturl.at/dT2Qb
September 11, 2025 at 8:24 PM
Last call: The nomination period for this year's Leadership Team election ends tomorrow! shorturl.at/dT2Qb
Cluster backends can feel a little mysterious, so we made a video to clear things up. If you missed it earlier, now’s a good time to give it a watch.
Check out Arne’s walkthrough of the new ZeroMQ cluster backend (a Zeek 8 highlight!) – it’s a quick switch that makes cluster communication simpler:
www.youtube.com/watch?v=NgvB...
#Zeek #NetworkSecurity #OpenSource
www.youtube.com/watch?v=NgvB...
#Zeek #NetworkSecurity #OpenSource
Zeek 8's Cluster Backend Explained
YouTube video by Zeek
www.youtube.com
September 10, 2025 at 6:33 PM
Cluster backends can feel a little mysterious, so we made a video to clear things up. If you missed it earlier, now’s a good time to give it a watch.