The Zeek Network Security Monitor (@zeek.org)

Test Your Zeek Alerting Pipeline with a Simple Script YouTube video by Zeek

Check out our latest lightning talk! This team runs a weekly Zeek script that fires a test alert from tap to on-call notification. If it doesn't arrive, something's broken.

www.youtube.com/watch?v=zlA-...

10.03.2026 16:49 👍 0 🔁 0 💬 0 📌 0

Zeek 8.2 is in development! ZeroMQ performance is looking strong and the team is looking for feedback. Details in this month's newsletter 👇

09.03.2026 18:01 👍 0 🔁 0 💬 0 📌 0

Zeek Newsletter - Issue 60 - February 2026 Welcome to the Zeek Newsletter. In this Issue: Community News Zeek Techniques Community Call Recap Development Updates Packages Get Involved TL;DR: Zeek 8.2 development is underway with strong Zero...

Catch up on Zeek via our latest newsletter: 8.2 development, upcoming events, AI policy, and more: community.zeek.org/t/zeek-newsl...

05.03.2026 21:29 👍 0 🔁 0 💬 0 📌 1

A new blog post covers Zeek customization: what the community actually changes, what to leave alone, and why two people solving the same problem differently can both be right.

zeek.org/2026/03/what...

04.03.2026 19:07 👍 1 🔁 0 💬 0 📌 0

Don't forget about tomorrow's Community Call. Join us and let us know what's on your mind when it comes to Zeek.

03.03.2026 20:43 👍 0 🔁 0 💬 0 📌 0

Our recent blog post is worth a read if you've been thinking about Zeek + AWS:

02.03.2026 19:01 👍 0 🔁 0 💬 0 📌 0

Mark your calendars - the next Zeek Community Call is happening March 4 at 10am Pacific Time. Grab the Zoom link here:

zeek.org/events/

25.02.2026 19:15 👍 0 🔁 0 💬 0 📌 1

Threat Intelligence Workshop Series Threat Intelligence Workshop SeriesPART DEUX: The hunt is on -- Leveraging MISP within your infrastructure Led by SAFER and the SOC Working Group, supporting R&E communities. Everyone is welcome to at...

Talks on Zeek Intel Framework and Splunk for Zeek Data are happening at Part 2 of this Threat Intelligence Workshop series - happening tomorrow: indico.cern.ch/event/1596660/

24.02.2026 20:58 👍 0 🔁 0 💬 0 📌 0

New from the Zeek Team: Arne wrote about running Zeek with AWS Traffic Mirroring using the UDP packet source plugin. Read more on the blog: zeek.org/2026/02/usin...

24.02.2026 17:38 👍 0 🔁 0 💬 0 📌 1

Registration for our workshop closes March 9, but only a few spots are left. Grab yours and join us in Geneva before it's too late 👉 zeek.org/workshop-cer...

19.02.2026 17:31 👍 0 🔁 0 💬 0 📌 0

Zeek Newsletter - Issue 59 - January 2026 Welcome to the Zeek Newsletter In this Issue: Community News Zeek Techniques Community Call Recap Development Updates Packages Get Involved TL;DR: Zeek 8.1 is officially out and security updates 8....

Check out a quick tip from this month's Zeek newsletter: a one-liner for processing multiple PCAPs at once using mergecap and Zeek together. Find it here: community.zeek.org/t/zeek-newsl...

18.02.2026 18:17 👍 0 🔁 0 💬 0 📌 0

What's the weirdest operational issue you've caught in your logs? We asked the Zeek community about things they've discovered - check out some of the stories on our blog:

17.02.2026 18:50 👍 0 🔁 0 💬 0 📌 0

Zeek Newsletter - Issue 59 - January 2026 Welcome to the Zeek Newsletter In this Issue: Community News Zeek Techniques Community Call Recap Development Updates Packages Get Involved TL;DR: Zeek 8.1 is officially out and security updates 8....

Don't miss out on these upcoming events:

Leveraging MISP 📆 Feb 25
Zeek at CERN 📆 March 25-26
Trusted CI Training 📆 April 21

Details & RSVP community.zeek.org/t/zeek-newsl...

11.02.2026 18:05 👍 0 🔁 0 💬 0 📌 0

Follow Zeek releases with fewer issues with help from one of our recent blog posts: zeek.org/2026/02/why-...

10.02.2026 17:07 👍 0 🔁 0 💬 0 📌 0

Darryl The Office Darryl Philbin GIF ALT: Darryl The Office Darryl Philbin GIF

Have you heard? JavaScript support is now available on Mac, enabling Mac users to experiment with Zeek scripting and JavaScript. Catch all the dev updates in our latest newsletter: community.zeek.org/t/zeek-newsl...

09.02.2026 19:54 👍 0 🔁 0 💬 0 📌 0

Zeek Scripting Tutorial: Learn the Fundamentals YouTube video by Zeek

ICYMI: Evan's recent tutorial walks through Zeek scripting from the ground up. Types, events, functions, and a full detection example...

youtube.com/watch?v=nae8cdrUUKY

06.02.2026 17:45 👍 0 🔁 0 💬 0 📌 0

Zeek Newsletter - Issue 59 - January 2026 Welcome to the Zeek Newsletter In this Issue: Community News Zeek Techniques Community Call Recap Development Updates Packages Get Involved TL;DR: Zeek 8.1 is officially out and security updates 8....

Newsletter's up - good stuff inside :)
community.zeek.org/t/zeek-newsl...

05.02.2026 18:42 👍 0 🔁 0 💬 0 📌 0

Sometimes what you find in Zeek logs isn't a security threat. It's operational problems - misconfigurations, chatty devices, applications doing strange things.

Our latest blog post highlights a few of these discovery stories from the community:
zeek.org/2026/02/how-...

04.02.2026 20:15 👍 0 🔁 0 💬 0 📌 1

The next Community Call is happening tomorrow - join us for project updates and more:

03.02.2026 23:50 👍 0 🔁 0 💬 0 📌 0

Upgrade Zeek without grief thanks to Benjamin's latest blog post: zeek.org/2026/02/why-...

03.02.2026 18:03 👍 0 🔁 0 💬 0 📌 1

Considering JA4? Take a look at Seth's recent blog post covering the full fingerprint family:

02.02.2026 19:51 👍 0 🔁 0 💬 0 📌 0

Our upcoming workshop at @cern.bsky.social will feature a Zeek 9.0 roadmap, CERN's network team on Zeek deployment, new storage framework, traffic shunting + full-day training on incident response and Spicy protocol analyzers.

Join us: zeek.org/workshop-cern-2026/schedule/

#Zeek #NetworkSecurity

29.01.2026 19:19 👍 1 🔁 0 💬 0 📌 0

The next Zeek Community Call is on the calendar for Wednesday February 4. Join us for project updates and more 👉 zeek.org/events/

28.01.2026 18:34 👍 0 🔁 0 💬 0 📌 1

Our new guide to JA4 network fingerprints in Zeek is up. Includes setup and real detection examples, check it out on our blog → zeek.org/2026/01/how-...

27.01.2026 20:54 👍 1 🔁 0 💬 0 📌 1

If you want the technical details on the new ZeroMQ backend architecture, setup, even performance monitoring, our recent video covers it all. Check it out below:

22.01.2026 18:32 👍 0 🔁 0 💬 0 📌 0

Zeek 8.1 cuts cluster CPU usage significantly with the new ZeroMQ backend. Head to our blog to learn why this architectural shift took years to ship, plus other updates in our latest release:

zeek.org/2026/01/intr...

21.01.2026 18:51 👍 1 🔁 0 💬 0 📌 0

Zeek Newsletter - Issue 58 - December 2025 Happy New Year and welcome to the Zeek Newsletter. In this Issue: Community News Tip of the Month Community Call Recap Development Updates Ecosystem News Packages Get Involved TL;DR: Zeek 8.1 RC2 i...

The best Zeek stories come from users. This month our community is sharing recent discoveries - the weird, the threatening, and the unexpected.

Check out the newsletter to learn how you can share yours: community.zeek.org/t/zeek-newsl...

20.01.2026 21:16 👍 0 🔁 0 💬 0 📌 0

Zeek Scripting Tutorial: Learn the Fundamentals YouTube video by Zeek

Check out our recent Zeek scripting tutorial that walks through the fundamentals of writing custom detections from basic types to building a working script.

If you've wanted to customize Zeek for your environment or write your own detections, this is a solid starting point:

youtu.be/nae8cdrUUKY

20.01.2026 17:40 👍 0 🔁 0 💬 0 📌 0

Cluster Backend Walkthrough YouTube video by Zeek

Zeek 8.1's big change: ZeroMQ as the default cluster backend. Arne's new video explains what that means and why it matters.
youtu.be/EeW_Oo-xNdQ

14.01.2026 18:52 👍 0 🔁 0 💬 0 📌 1

Zeek feature release 8.1.0 Zeek feature release v8.1.0 is now available: https://zeek.org/get-zeek https://download.zeek.org/zeek-8.1.0.tar.gz See the release notes for details of the new functionality, breaking changes, and...

Zeek 8.1 is out now! What's inside? ZeroMQ cluster backend, JavaScript and WebSocket improvements, and much more.

community.zeek.org/t/zeek-featu...

13.01.2026 20:09 👍 1 🔁 0 💬 0 📌 0

The Zeek Network Security Monitor

Latest posts by The Zeek Network Security Monitor @zeek.org