Zeek is a framework for network analysis and security monitoring. It is a powerful system that, in addition to the functionality it provides, also offers the flexibility to customize the analysis almost arbitrarily.
Specifications
- Adaptable
- Efficient
- Flexible
- Forensics
- In-depth Analysis
- Highly Stateful
- Open Interfaces
- Open Source
While focusing on network security monitoring, Zeek provides a comprehensive platform for general network traffic analysis. Built on more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is supported by both large companies and many educational and scientific institutions to secure their cyberinfrastructure.
Zeek was originally developed by Vern Paxson. Robin Sommer is now leading the project, working with a core team of researchers and developers at the International Institute of Computer Science in Berkeley, California, and the National Center for Supercomputing Applications in Urbana-Champaign, IL.
You can download the program from here.
Instructions on its installation can be found here.
You will find a guide to using the program here.
