Zeek is a framework for network analysis and security monitoring. It is a powerful system that, in addition to the functionality it provides, also offers the flexibility to customize the analysis almost arbitrarily.
Specifications
- Adaptable
- Efficient
- Flexible
- Forensics
- In-depth Analysis
- Highly Stateful
- Open Interfaces
- Open Source
While focused on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis. Grounded in more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is operationally supported by both large corporations and many educational and scientific institutions to secure cyber infrastructure.
Zeek was originally developed by Vern Paxson. Robin Sommer is now leading the project, along with a core team of researchers and developers at the International Computer Science Institute in Berkeley, California, and the National Center for Supercomputing Applications in Urbana-Champaign, IL.
You can download the program from here.
Instructions on its installation can be found here.
You will find a guide to using the program here.