-
zeek-7 changed the way global IDs are written from `GLOBAL::XYZ` to `::XYZ`. This syntax is not supported by e.g., `zeek-format`.
```zeek
type r: record { };
event zeek_init()
{
local x: ::…
-
zeek docker container can't be built
## Git Commit
38818c12f7d8bc0578dc3caff26aa4338dc0a37d
## Steps to reproduce
```
podman compose build agent-zeek-current
....
[ 28%] Building CXX …
-
Hello, was there a specific reason to not use `&optional` on several of the ja4 zeek records such as here? https://github.com/FoxIO-LLC/ja4/blob/main/zeek/ja4t/main.zeek#L42.
When writing JSON logs…
-
After some review, it appears the issue is that sometimes I don't get timestamps reported from Zeek for extracted files. I'm going to repurpose this issue for that as it's the root of what we were see…
-
### Description
The docs reference `Zeek` in multiple guides/tutorials, but there's not consolidated page with information about him. Create a dedicated page and `` component that we can re-use throu…
-
* I'm running Zeek 6.0.4 on Ubuntu 22.04
* I've installed postgresql via ```apt install postgresql-server-dev-all```
* When running ```sudo zkg -vvv install 0xxon/zeek-postgresql``` my ouput is:
…
w00di updated
2 months ago
-
The core.negative-time test on opensuse_tumbleweed[ starting failing](https://cirrus-ci.com/task/5145380709466112).
After looking a bit, on tumbleweed there's libpcap 1.10.5, while locally I have 1…
-
zeek version 6.2.1 [in Docker](https://github.com/idaholab/Malcolm/blob/main/Dockerfiles/zeek.Dockerfile) on Debian 12, with [downloaded official Zeek .deb packages](https://github.com/idaholab/Malcol…
-
@ynadji and @JustinAzoff hit a scenario where Dicts report iterator invalidations via `internal Dictionary::Remove() possibly caused iterator invalidation`, triggered as follows:
```
(gdb) bt
[31/4…
-
Would it be possible to integrate Bro/Zeek logs into pfelk?
Bro/Zeek is another IDS like Snort/Suricata but it looks for anomalous traffic. pfSense currently supports it but the logs are barely u…