Traffic Analyzer Zeek 6.0.0 Released

Release of Zeek 6.0.0 Introduces Improved Traffic Analysis System and Network Intrusion Detection

July 13, 2023 – Zeek 6.0.0 has been officially released. Zeek, formerly known as Bro, is a powerful traffic analysis system designed to detect network intrusions and track security events. It is primarily a platform for analyzing network traffic, and its use is not limited to that application. The system is written in C++ and is available under the BSD license.

Zeek 6.0.0 provides a platform for analyzing various network application protocols, allowing users to gather detailed information on network activity and connections. It offers an object-oriented language for writing monitoring scripts and identifying anomalies specific to different infrastructures. The system is optimized for use in high-bandwidth networks and includes an API for integration with third-party information systems and real-time data exchange.

The latest release of Zeek, version 6.0.0, introduces several new features and enhancements:

| Feature | Description |
| --- | --- |
| ZeekJS Implementation | A new plugin that allows developers to use JavaScript as an alternative language for script development. The implementation is based on libnode, a C++ version of Node.js, offering access to the Zeek API and support for processing more than 500 events. |
| Built-in Support for Community ID | Zeek now includes support for Community ID, a feature that allows attaching marks to individual network flows using hash identifiers from addresses and source ports. |
| Spicy-Plugin Capabilities | The new release incorporates the capabilities of the spicy-plugin plugin, enabling the creation of analyzers in the object-oriented Spicy language. This language is optimized for the analysis of protocols and structured data, with parsers for the Finger and Syslog protocols now leveraging Spicy. |
| Data Loading in JSON Format | Scripts can now load data in JSON format, with the addition of the from_json() function. |
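The Community ID feature listed above lets records from different sensors be joined on one flow hash. The following is an added example, not code from Zeek or from the announcement: it computes a version 1 Community ID for TCP and UDP flows as laid out in the published Community ID specification (seed, ordered addresses, protocol, pad byte, ordered ports, SHA-1, base64) and leaves out the ICMP port mapping. The record layouts and sample values are constructed for illustration.

```python
import base64
import hashlib
import ipaddress
import struct

PROTO = {"tcp": 6, "udp": 17}  # IP protocol numbers handled by this example


def community_id_v1(proto, src_ip, src_port, dst_ip, dst_port, seed=0):
    """Return the Community ID v1 string for a TCP or UDP flow tuple."""
    src = ipaddress.ip_address(src_ip).packed
    dst = ipaddress.ip_address(dst_ip).packed
    if len(src) != len(dst):
        raise ValueError("source and destination must be the same IP version")
    for port in (src_port, dst_port):
        if not 0 <= port <= 0xFFFF:
            raise ValueError(f"port out of range: {port}")
    # Order the endpoints so both directions of a flow hash identically:
    # the numerically smaller (address, port) pair goes first.
    if (src, src_port) > (dst, dst_port):
        src, src_port, dst, dst_port = dst, dst_port, src, src_port
    data = (
        struct.pack("!H", seed)                # 16-bit seed, network byte order
        + src + dst                            # ordered addresses
        + struct.pack("!BB", PROTO[proto], 0)  # protocol number and one pad byte
        + struct.pack("!HH", src_port, dst_port)
    )
    return "1:" + base64.b64encode(hashlib.sha1(data).digest()).decode()


# Constructed sample records (not real traffic): a Zeek-style connection entry
# and an alert from a second sensor that recorded the reply direction.
ZEEK_CONN = {"uid": "CONSTRUCTED1", "proto": "tcp",
             "orig_h": "192.0.2.10", "orig_p": 49152,
             "resp_h": "198.51.100.7", "resp_p": 443}
OTHER_ALERT = {"proto": "tcp", "src_ip": "198.51.100.7", "src_port": 443,
               "dest_ip": "192.0.2.10", "dest_port": 49152}


def same_flow(conn, alert, seed=0):
    """True when both records describe the same flow, regardless of direction."""
    a = community_id_v1(conn["proto"], conn["orig_h"], conn["orig_p"],
                        conn["resp_h"], conn["resp_p"], seed)
    b = community_id_v1(alert["proto"], alert["src_ip"], alert["src_port"],
                        alert["dest_ip"], alert["dest_port"], seed)
    return a == b


if __name__ == "__main__":
    print(same_flow(ZEEK_CONN, OTHER_ALERT))
```

Both sensors must use the same seed, otherwise the identifiers for the same flow will not match.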