Hey Zeekers,
I’ve been running several production instances of Zeek version 3.0.11 with the Kafka library (version 1.4.2) and the older Metreon Kafka Plugin. No problems and it is very stable, but it is time to upgrade to LTS and I’ve been having serious issues getting a good build of 4.0.5 with a functional Zeek plugin.
I have tried the newer (supported?) version of the plugin (https://github.com/SeisoLLC/zeek-kafka), following the instructions (zkg install seisollc/zeek-kafka --version 1.0.0), and it fails because the 1.0.0 brianch is no longer there. The compile and install works if I leave the version off or specify --main, but it just never tries to send to Kafka. I’ve tried Kafka library version 1.4.2, which is called out in the docs, and I’ve even tried the newer stable version 1.6.2.
I even tried using the older Metreon plugin on Zeek 4.0.5, which compiles but doesn’t pass the zeekctl check.
I’ve tried clean installs from scratch, and upgrades.
Does anyone have Zeek 4.0.5 working with the Kafka plugin? My OS is Ubuntu 18.0.4.
Kurtis Lawson