Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote-tracking branch 'origin/topic/zeke/README'

Browse source 
Includes light edit pass.

* origin/topic/zeke/README:
  Add plaintext README file.
  Fix try.zeek.org link
  Improve readability of plaintext.
  Tone down HTML and improve development section.
  Remove development paragraph.
  Update README.
This commit is contained in:
Robin Sommer 2019-07-16 15:53:16 +00:00
commit c22edc28a5
5 changed files with 196 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

5
CHANGES
View file

@ -1,4 +1,9 @@
2.6-624 | 2019-07-16 16:07:59 +0000
* Redo README. We now have separate plain text and Markdown versions.
(Zeke Medley, Corelight)
2.6-616 | 2019-07-16 15:21:37 +0000
* Fix referecne counting bug in EnumType copy constructor. (Jon

107
README
View file

@ -1,36 +1,93 @@
=============================
Zeek Network Security Monitor
=============================
=================================
The Zeek Network Security Monitor
=================================
Zeek is a powerful framework for network analysis and security
monitoring.
Zeek is a powerful framework for network traffic analysis and security
monitoring. Follow us on Twitter at @zeekurity.
(Zeek is the new name for the long-established Bro system. Note that
parts of the system retain the "Bro" name, and it also often appears in
the documentation and distributions.)
Key Features
============
Please see the INSTALL file for installation instructions and pointers
for getting started. NEWS contains release notes for the current
version, and CHANGES has the complete history of changes. Please see
COPYING for licensing information.
* **In-depth Analysis**
Zeek ships with analyzers for many protocols, enabling
high-level semantic analysis at the application layer.
You can download source and binary releases on:
* **Adaptable & Flexible**
Zeek's domain specific scripting language enables site-specific
monitoring policies and means that it is not restricted to any
particular detection approach.
https://www.zeek.org/download
* **Efficient**
Zeek targets high-performance networks and is used operationally
at a variety of large sites.
To get the current development version, clone our master git
repository:
* **Highly Stateful**
Zeek keeps extensive application-layer state about the network
it monitors and provides a high-level archive of a network's
activity.
git clone --recursive https://github.com/zeek/zeek
Getting Started
===============
For more documentation, research publications, and community contact
information, please see the home page:
The best place to find information about getting started with Zeek is
our web site https://www.zeek.org, specifically the documentation
section there [1]. One the web site you can also get downloads for
stable releases, tutorials on getting Zeek set up, and many other
useful resources.
https://www.zeek.org
You can find release notes in NEWS, and a complete record of all
changes in CHANGES.
On behalf of the Zeek Development Team,
To work with the most recent code from the development branch of Zeek,
clone the master git repository:
> git clone --recursive https://github.com/zeek/zeek
With all dependencies [2] in place, build and install:
> ./configure && make && sudo make install
Write your first Zeek script:
# File "hello.zeek"
event zeek_init
{
print "Hello, World!";
}
And run it:
> zeek hello.zeek
For learning more about the Zeek scripting language,
https://try.zeek.org is a great resource.
Development
===========
Zeek is developed on GitHub by its community. We welcome
contributions. Working on an open source project like Zeek can be an
incredibly rewarding experience and, packet by packet, makes the
Internet a little safer. Today, as a result of countless
contributions, Zeek is used operationally around the world by major
companies and educational and scientific institutions alike for
securing their cyber infrastructure.
If you're interested in getting involved, we collect feature requests
and issues on GitHub. More information on Zeek's development can be
found here [2], and information about its community and mailing lists
(which are fairly active) can be found here [3].
License
-------
Zeek comes with a BSD license, allowing for free use with virtually no
restrictions. You can find it in COPYING.
[1] https://www.zeek.org/documentation/index.html
[2] https://docs.zeek.org/en/stable/install/install.html
[3] https://www.zeek.org/development/index.html
[4] https://www.zeek.org/community/index.html
Vern Paxson & Robin Sommer,
International Computer Science Institute &
Lawrence Berkeley National Laboratory
vern@icir.org / robin@icir.org

108
README.md Normal file
View file

@ -0,0 +1,108 @@
<h1 align="center">
[![Zeek Logo](https://www.zeek.org/images/bro-eyes.png)](https:://www.zeek.org)
The Zeek Network Security Monitor
</h1><h4 align="center">
A [powerful](https://www.zeek.org/why_choose_zeek.pdf) framework for network
traffic analysis and security monitoring.
[_Key Features_](#key-features) —
[_Documentation_](https://docs.zeek.org/en/stable/index.html) —
[_Getting Started_](#getting-started) —
[_Development_](#development) —
[_License_](#license)
Follow us on Twitter at [@zeekurity](https://twitter.com/zeekurity).
</h4>
Key Features
--------------
* __In-depth Analysis__
Zeek ships with analyzers for many protocols, enabling high-level semantic
analysis at the application layer.
* __Adaptable and Flexible__
Zeek's domain-specific scripting language enables site-specific monitoring
policies and means that it is not restricted to any particular detection
approach.
* __Efficient__
Zeek targets high-performance networks and is used operationally at a variety
of large sites.
* __Highly Stateful__
Zeek keeps extensive application-layer state about the network it monitors
and provides a high-level archive of a network's activity.
Getting Started
---------------
The best place to find information about getting started with Zeek is
our web site [www.zeek.org](https://www.zeek.org), specifically the
[documentation](https://www.zeek.org/documentation/index.html) section
there. On the web site you can also find downloads for stable
releases, tutorials on getting Zeek set up, and many other useful
resources.
You can find release notes in [NEWS](https://github.com/zeek/zeek/blob/master/NEWS),
and a complete record of all changes in [CHANGES](https://github.com/zeek/zeek/blob/master/CHANGES).
To work with the most recent code from the development branch of Zeek,
clone the master git repository:
`git clone --recursive https://github.com/zeek/zeek`
With all [dependencies](https://docs.zeek.org/en/stable/install/install.html#prerequisites)
in place, build and install:
`./configure && make && sudo make install`
Write your first Zeek script:
```zeek
# File "hello.zeek"
event zeek_init
{
print "Hello World!";
}
```
And run it:
`zeek hello.zeek`
For learning more about the Zeek scripting
language, [try.zeek.org](http://try.zeek.org) is a great resource.
Development
-----------
Zeek is developed on GitHub by its community. We welcome
contributions. Working on an open source project like Zeek can be an
incredibly rewarding experience and, packet by packet, makes the
Internet a little safer. Today, as a result of countless
contributions, Zeek is used operationally around the world by major
companies and educational and scientific institutions alike for
securing their cyber infrastructure.
If you're interested in getting involved, we collect feature requests
and issues on GitHub [here](https://github.com/zeek/zeek/issues) and
you might find
[these](https://github.com/zeek/zeek/issues?q=is%3Aissue+is%3Aopen+label%3A%22Difficulty%3A+Easy%22)
to be a good place to get started. More information on Zeek's
development can be found
[here](https://www.zeek.org/development/index.html), and information
about its community and mailing lists (which are fairly active) can be
found [here](https://www.zeek.org/community/index.html).
License
-------
Zeek comes with a BSD license, allowing for free use with virtually no
restrictions. You can find it [here](https://github.com/zeek/zeek/blob/master/COPYING).

1
README.rst
View file

@ -1 +0,0 @@
README

2
VERSION
View file

@ -1 +1 @@
2.6-616
2.6-624