by Tim Wojtulewicz | Sep 4, 2025 | 8.0
I’ve talked in a video and a blog post recently about the new Zeek storage framework. This blog post expands upon those previous posts to explain how to actually use the framework. It will do this by adapting an existing policy script to use the new features to...
by Tim Wojtulewicz | Sep 4, 2025 | 8.0
Until Zeek 7.2, storing data across a cluster could be tricky and inefficient. The new Storage Framework changes that. This post explains the old model, the new framework, and what’s coming next. The Old Model: Broker Storage Storage in Zeek traditionally has run...
by Tim Wojtulewicz | Nov 28, 2022 | Zeek
As we shared at ZeekWeek 2022 in October, we’re thrilled to announce emerging support for Zeek on Windows, thanks to an open-source contribution from Microsoft. Part of its integration of Zeek into its Defender for Endpoint security platform, this contribution...
by Tim Wojtulewicz | Apr 3, 2020 | 3.1
Zeek has a long-standing issue with standby CPU usage on low-power systems and low-traffic networks where even if nothing is happening on the network, Zeek will continue to use 10-15% of the CPU doing nothing. This stems from the fact that the existing main loop of...
RSS - Posts