Zeek on FreeBSD series
Zeek is a network security monitoring platform that generates rich network metadata. Zeek is not an active security device. It sits on a sensor: a hardware, software, virtual, or cloud platform that quietly and unobtrusively observes network traffic. Zeek interprets what it sees and creates compact, high-fidelity transaction logs, file content, and fully customized output: rich network metadata. This metadata is very valuable for general network troubleshooting, for gaining insight into what happens on your network, and even for incident response and forensics!
See below for links to all the Zeek-based blog posts.
The series consists of the following posts:
- Implement Zeek on FreeBSD
- Run Zeek as user zeek on FreeBSD
- First Zeek queries on FreeBSD
- Install Zeek packages on FreeBSD
- Monitor multiple interfaces with Zeek on FreeBSD
Some (other) resources about this subject: