Hey folks,
I am new to the whole network security monitoring space, and I came across Zeek. It looks like a powerful tool for digging into traffic and identifying unusual behavior, but I'm kind of overwhelmed right now trying to get my head around it.
I have read some docs and watched a few beginner videos, but I still feel stuck on how to write even a simple script or where to begin with analyzing packet data in a real-world setup. If anyone has any advice or beginner-friendly resources, I'd appreciate it.
Also, I completed an online training course, so I am hoping to bring that mindset here and work through Zeek the same way—step by step.
If you have suggestions for practice environments, test datasets, or anything that helped you when you started, I want to hear about it.
Thank you…