Hi
I am new at zeek
And I need to achive those points:
how to create a network baseline through zeek, and then compare the live network traffic with the baseline through zeek also to see the alerts that zeek will issue
Are there any tutorial that helps me please?
Thanks in advance…
Is this a school project for comparing intrusion detection systems? Or is this a project for a customer? I’m trying to understand what sort of experience you might have with this kind of project.
Sincerely,
Richard
Hi…
Yes, I am a master student, and I need to test Zeek ids in: how to detect anomalies in network traffic comparing with a baseline.Thank in advance
في الثلاثاء، ١٣ أيلول، ٢٠٢٢ ١٢:٠٨ ص Richard Bejtlich via Zeek <notifications@zeek.discoursemail.com> كتب:
Please check out the docs for ideas on how to use Zeek effectively:
Sincerely,
Richard
Hello, I am a graduate student who is also studying zeek. Maybe we can exchange our experience