Check out Seth's guide to JA4 fingerprints in Zeek if you haven't seen it yet:
zeek.org/2026/01/how-...
Posts by The Zeek Network Security Monitor
The first release candidate for Zeek 8.2 will go out on Monday. Catch up on what's coming and let us know if you have any feedback: zeek.org/2026/04/zeek...
Did you know Zeek has a built-in debugger?
We collected some great stories from the community last month - first scripts, conn.log optimization, alert pipeline testing. Check them all out in the newsletter:
Stuck on why a Zeek script isn't working? Try the built-in debugger. Check it out in the March newsletter:
Free Zeek training at Trusted CI's Regional Summit, April 21-22. Registration is open now.
community.zeek.org/t/zeek-newsl...
New post: Zeek features community members discover by accident - the built-in debugger, btest, replaying logs without PCAPs. Take notes!
zeek.org/2026/04/the-...
One of our favorite share-outs from the community recently - reducing conn.log from 35GB to 5GB:
Dev Update: Zeek 8.2 is targeted for early May with ZeroMQ encryption for multi-node clusters, new IGMP analyzer, and Windows improvements π²
You can catch up on the details in our newsletter:
What did we get up to last month? Catch up in our latest newsletter - out now: community.zeek.org/t/zeek-newsl...
New on the blog: A simple community trick that'll clean up gigabytes of conn.log noise. zeek.org/2026/03/redu...
Reminder: the Zeek Monthly Community Call kicks off tomorrow at 10am Pacific. See you there!
Zeek Workshop Europe 2026 is a wrap! Thanks to those from the community who attended, we always enjoy the opportunity to connect face-to-face.
Our fall workshop is in the works - stay tuned for details π€
Just getting started with scripts? This blog post will give you a few ideas:
T-1 hour until Zeek Workshop CERN kicks off π€
Our monthly Community Call is happening next week (April 1, 10am Pacific Time). Grab the Zoom link here to join live! zeek.org/events/
Not sure if Zeek training is right for you? This post can help: zeek.org/2025/11/insi...
If you're ready to join us at the next summit, register here: www.trustedci.org/2026-regiona...
A community member shared how he got started writing Zeek scripts - no grand ambitions, no big detections, just fun tinkering.
We turned the discussion into a blog post, let us know what you think:
zeek.org/2026/03/your...
We had a couple of new/updated packages to highlight in the Zeek newsletter recently - be sure to check them out: community.zeek.org/t/zeek-newsl...
Only a handful of days left until Zeek Workshop at CERN!
@cern.bsky.social
In a recent lightning talk, community member Michael Dopheide shares a simple Zeek script his team uses to catch misconfigurations:
This month's Zeek technique: pcap-minimizer - useful for debugging scripts and analyzers.
π community.zeek.org/t/zeek-newsl...
Who is heading to Trusted CI's Regional Summit next month? We'll be there. Registration is open - more details in the latest newsletter π
Check out our latest lightning talk! This team runs a weekly Zeek script that fires a test alert from tap to on-call notification. If it doesn't arrive, something's broken.
www.youtube.com/watch?v=zlA-...
Zeek 8.2 is in development! ZeroMQ performance is looking strong and the team is looking for feedback. Details in this month's newsletter π
Catch up on Zeek via our latest newsletter: 8.2 development, upcoming events, AI policy, and more: community.zeek.org/t/zeek-newsl...
A new blog post covers Zeek customization: what the community actually changes, what to leave alone, and why two people solving the same problem differently can both be right.
zeek.org/2026/03/what...
Don't forget about tomorrow's Community Call. Join us and let us know what's on your mind when it comes to Zeek.
Our recent blog post is worth a read if you've been thinking about Zeek + AWS:
Mark your calendars - the next Zeek Community Call is happening March 4 at 10am Pacific Time. Grab the Zoom link here:
zeek.org/events/