Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
# Set to true to indicate that Zeek should output logs in JSON format
ZEEK_JSON=
# Whether or not to require SSL certificate verification when querying a TAXII or MISP feed
ZEEK_INTEL_FEED_SSL_CERTIFICATE_VERIFICATION=false
# Whether or not to disable the ICSNPP Profinet IO CM parser
ZEEK_DISABLE_ICS_PROFINET_IO_CM=
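An added example, not part of Malcolm or of the original page: a small audit of an env file in the format shown above that flags a disabled certificate-verification setting for intel feeds and lists variables left empty. The function names, the set of "false" spellings and the constructed sample text are assumptions of this example.

```python
"""Audit a Malcolm-style env file for disabled TLS verification (added example)."""

# Constructed sample mirroring the three settings shown on this page.
SAMPLE_ENV = """\
# Set to true to indicate that Zeek should output logs in JSON format
ZEEK_JSON=
# Whether or not to require SSL certificate verification when querying a TAXII or MISP feed
ZEEK_INTEL_FEED_SSL_CERTIFICATE_VERIFICATION=false
# Whether or not to disable the ICSNPP Profinet IO CM parser
ZEEK_DISABLE_ICS_PROFINET_IO_CM=
"""

FALSY = {"false", "0", "no", "off"}  # assumption: spellings treated as "disabled"


def parse_env(text):
    """Return {KEY: value} for KEY=value lines; skip comments and blank lines."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        # Strip optional surrounding quotes; an empty value is kept as "".
        settings[key.strip()] = value.strip().strip("'\"")
    return settings


def audit(text):
    """Return (findings, unset): keys disabling cert verification, keys left empty."""
    settings = parse_env(text)
    findings = [
        k for k, v in settings.items()
        if k.endswith("_SSL_CERTIFICATE_VERIFICATION") and v.lower() in FALSY
    ]
    unset = [k for k, v in settings.items() if v == ""]
    return findings, unset


if __name__ == "__main__":
    findings, unset = audit(SAMPLE_ENV)
    for key in findings:
        print(f"WARN {key} is disabled: the feed server's certificate is not checked")
    for key in unset:
        print(f"INFO {key} is empty (no explicit value set)")
```
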
Malcolm v24.03.0 contains new features, improvements, bug fixes and component version updates.
https://github.com/idaholab/Malcolm/compare/v24.02.0...v24.03.0
./config/zeek.env