Building from Source > Required Dependencies > Copy and paste the command for DEB/Debian-based Linux
sudo apt install zeek -y
It keeps saying the following:
The following packages have unmet dependencies:
zeek-core : Depends: libc6 (< 2.32) but 2.34-4 is to be installed
E: Unable to correct problems, you have held broken packages.
Building from Source > Required Dependencies > Copy and paste the command for DEB/Debian-based Linux
sudo apt install zeek -y
You are mixing two things here, building from source (1 & 2) and installing prebuilt binary packages (3).
Kali 2022.3 seems have an outdated zeek-3.2.3 in its binary package repo for installation with apt. There is e.g., no package zeek-core in its repo, so I suspect you added another repo which contains the broken binary package which you cannot install. You could try to remove that repo (have a look at /etc/apt/sources.list and /etc/apt/sources.list.d/), and retry installation of Kali’s zeek package, but like I wrote, that version is outdated and not supported anymore.
Alternatively, skip step 3 above, and instead continue with the instructions for building from source from the Zeek documentation.
Same as mine too - I kept getting the problem 'E: Unmet dependencies.'libc6 (2.34) is required, however, 2.34-4 must be installed. I attempted an apt fix-broken install. I tried Sudo apt-get -f install to force the installation.
I attempted to upgrade or install a new package, but it is still not working. In all circumstances, I receive the same error messages.
Hi Benjamin! Thanks so much for helping me. I have removed the repo from sources.list.d and like you mentioned, am unable to install with apt. I am currently installing from source now, seems to be working, will update. Thank you! You’ve really helped
Hey Banwood! I did what Benjamin mentioned above, specifically -
delete the zeek repo from /etc/apt/sources.list.d/ (mine was in list.d)
sudo apt-get install cmake make gcc g++ flex libfl-dev bison libpcap-dev libssl-dev python3 python3-dev swig zlib1g-dev → this is to install the required dependencies (for Debian based Linux, if you’re using other OS please refer here)
sudo apt-get install python3-git python3-semantic-version → to install the option dependencies - again, this is for Debian based Linux
git clone --recurse-submodules https://github.com/zeek/zeek → cloning the source packages from Zeek
I noticed the zeek directory (for my Kali) is at /home/kali/zeek, so I got into the directory and ran the last few commands from the instructions, namely ./configure, then make
(It’s taking more than an hour and I’m at 35% progress now, not sure how it’ll turn out, but better than getting stuck with sudo apt install zeek!)
UPDATE:
6: After step 5 above, I then ran sudo make install while still in the /home/kali/zeek folder
7: LAST STEP!! To configure the path to use Zeek in the runtime environment, I used export PATH=/usr/local/zeek/bin:$PATH → this command is also copied from the Zeek installation website, for Bourne shell syntax
ANOTHER UPDATE:
My tutorial required me to use sudo zeek -r <.pcap file here> but when I ran the command with sudo it says sudo: zeek: command not found… I realised I did not export zeek into my superuser path.
This brings me to my last step!!
8: See current non-superuser path with env | /bin/grep PATH
9: See current superuser path with sudo env | grep ^PATH
10: If zeek is not inside step 9, then copy the path from 8
11: Run sudo visudo, replace the current secure_path with the one you just copied
12: Save the file
I’m not sure about this… I used a fresh 2022.3 kali. I checked the c++: fatal error: Killed signal terminated program cc1plus error and it seems like the top results are due to insufficient memory.
For comparison, I am using VMware Workstation 16 pro, Kali 2022.3, 12gb memory, 2 processors, 2 cores per processors (no reason why, i just randomly chose 2…)
c++: fatal error: Killed signal terminated program cc1plus
If you see errors like this it means that the compiler died in a violent way. This can be due to a wide range of issues, but most of the time the compiler was killed due to an OOM error. The workaround is usually to either compile with less parallelism (pass smaller value to make -j <N>), or to increase the memory. If you compile with GCC you should allow for 2-4GB per CPU, for clang around 0.5-1GB.
you are mixing up two things here. To install from source, you will never issue an apt command. The apt commands are only used for binary packages; for source installations follow these guidelines: Installing Zeek — Book of Zeek (git/master)
As mentioned above - we don’t support Kali linux for binary installations. In the past I have heard of people having success installing the Debian testing binaries - but only these, no other versions.
hey man, thanks for the tutorial, but I have problems with the last step, I did change the path but it still shows the “zeek: command not found”. Can I have a look at your path inside the visudo?