by Michelle Pathe | Mar 4, 2026 | community
You got Zeek running, logs are flowing, and the default configuration is doing its job. And then you hit the wall that almost every Zeek user hits eventually: you know Zeek is extensible, you know you’re supposed to customize it, but nobody has given you a clear...
by Michelle Pathe | Feb 4, 2026 | Best Practices, community
Network security monitoring typically focuses on catching threats. But ask Zeek users what they actually discover in their logs, and a different picture emerges: chatty devices wasting bandwidth, misconfigurations creating millions of unnecessary DNS queries, and...
by Michelle Pathe | Jan 7, 2026 | community
Zeek rarely works in isolation. The real power comes from pairing it with other tools – SIEMs for log aggregation, IDS/IPS for signature-based detection, threat intel feeds for enrichment, packet capture tools for deeper investigation. We recently asked our...
by Michelle Pathe | Dec 2, 2025 | community, deployment
We recently asked the community something we’ve been curious about for a while: What kind of hardware are you using to run Zeek? What does that setup even look like? What started as a straightforward question about specs and sizing quickly turned into something...
by Michelle Pathe | Nov 5, 2025 | community
Plenty of people generate Zeek logs, but not everyone knows what to do with them. We asked the Zeek community to share their real-world approaches, and they delivered. We heard everything from automation scripts to quantum cryptography research and, honestly, we...
RSS - Posts