An Open Source Network Security Monitoring Tool
Zeek and Ye Shall Find
Zeek has been a cornerstone of the open-source and cybersecurity communities for decades. Originally developed by Vern Paxson in the 1990s under the name “Bro,” Zeek was designed to provide deep insights into network activity across university and national lab networks. In 2018, the project was renamed Zeek to reflect its growing role and evolution in the world of network security. Today, Zeek remains a highly sought-after open-source solution thanks to the development and financial support of Corelight.
Unlike traditional security tools such as firewalls or intrusion prevention systems, Zeek is not an active defense mechanism. Instead, it operates quietly on a sensor—whether hardware, software, virtual, or cloud-based—analyzing network traffic in real time. Zeek captures high-fidelity transaction logs, file contents, and customizable data outputs, which security analysts can review manually or integrate into SIEM systems.
70+ log files provided by default
3,000+ network events tracked
10,000+ deployments worldwide
6,400+ GitHub stars
20+ years of federally-funded R&D
260+ community-contributed packages