by Michelle Pathe | Apr 8, 2026 | community
A Zeek user spent years maintaining a careful system of named test PCAPs, tracking which scripts belonged to which tests and building a testing workflow from scratch. Then they discovered btest, Zeek’s built-in testing framework that automatically creates...
by Michelle Pathe | Apr 2, 2026 | community, Workshop
Close to 100 people gathered at CERN in Geneva on March 25-26 for Zeek Workshop Europe 2026. The two-day event brought together practitioners from across Europe for knowledge sharing, training, and networking. The workshop kicked off with presentations covering Zeek...
by Michelle Pathe | Mar 31, 2026 | community, How-to
Blocking scanners at your network edge solves one problem but creates another: Zeek will log every failed connection attempt, filling conn.log with noise from hosts you’ve already blocked. A simple log filtering hook can eliminate this noise. Aaron Scantlin from...
by Michelle Pathe | Mar 19, 2026 | community, getting started
Your first Zeek script doesn’t need to detect malware, stop threats, or solve a critical security problem. In fact, it probably shouldn’t. David Fitz learned Zeek through a SANS course and wanted to try his first script in his homelab. Instead of detecting...
by Michelle Pathe | Mar 4, 2026 | community
You got Zeek running, logs are flowing, and the default configuration is doing its job. And then you hit the wall that almost every Zeek user hits eventually: you know Zeek is extensible, you know you’re supposed to customize it, but nobody has given you a clear...
RSS - Posts