How to Install Zeek Network Security Monitoring Tool on Ubuntu 24.04

Zeek (formerly Bro) is a free and open-source platform for network security monitoring. It is a powerful passive network traffic analyzer used to investigate suspicious or malicious activity. Zeek can be used as a network security monitor (NSM) and supports a wide range of traffic analysis tasks, from the security domain to performance measurement and troubleshooting.

In this tutorial, you'll learn how to install the Zeek network security monitoring tool on an Ubuntu 24.04 server. You'll also learn how to run Zeek in cluster mode, how to parse Zeek logs with the 'zeek-cut' command, and how to generate and parse Zeek JSON logs with the 'jq' utility.