Zeek Newsletter - Issue 20 - August 2022

Welcome to the Zeek Newsletter.


In this Issue:

  • TL;DR
  • Development Updates
  • Zeek Blog and Mailing List
  • Zeek in the Community
  • Zeek Package Updates
  • Zeek in the Enterprise
  • Upcoming Events
  • Zeek Related Jobs
  • Get Involved

TL;DR

There is a lot of work happening in the background, and we are wrapping up summer vacations. This month is light on news, although we remind readers that ZeekWeek 2022 will take place 12-14 October, in Austin, Texas, USA. The call for papers was extended to 7 September. Register by 9 September to take advantage of reduced rates. Please read on for more.


Development Updates

On 24 August, Benjamin Bannier announced the release of Spicy 1.5.1. See the NEWS file for a high-level summary, or the CHANGES file for a detailed list of changes.

<https://github.com/zeek/spicy/blob/v1.5.1/NEWS.rst>

<https://github.com/zeek/spicy/blob/v1.5.1/CHANGES>


Zeek Blog and Mailing List

Johanna Amann migrated the mailing list to a Discourse platform in late May. The site is available here:

https://community.zeek.org

If you create a new account with the same email address that you used with the previous mailing list, all your old posts will be assigned to you. Please let us know if you encounter any issues, either by Slack, email, or the site-feedback category on Discourse.

The old mailing list archives now redirect to this site:

https://community.zeek.org/archives/list/zeek@lists.zeek.org/

If you’d like to read the Leadership Team meeting notes, they are here:

https://github.com/zeek/zeek/wiki/LT-Meeting-Notes


Zeek in the Community

On 3 August, Fatema Bannat Wala hosted a Zeek community call. The recording is here:

https://www.youtube.com/watch?v=lKpI4sWXK8o

Voting for seats on the Zeek leadership team begins 19 September. See this post for more:

https://community.zeek.org/t/august-2022-zeek-lt-election-announcement/6609

Check out the new Zeek Wikipedia page:

https://en.wikipedia.org/wiki/Zeek

Please feel free to contribute to it.


Zeek Package Updates

The following packages recently reported updates (as of 26 August), via this search:

https://github.com/zeek/packages/pulls?q=is%3Apr+is%3Aclosed

Add fdekeers’ mDNS package
#188 by fdekeers was merged 18 days ago

Added fdekeers’ Spicy-based IGMP packet analyzer package
#187 by fdekeers was merged 21 days ago

The https://packages.zeek.org site reported the last 5 updates as of 26 August:

8/25/22, 12:58 PM icsnpp-opcua-binary
8/23/22, 9:29 PM icsnpp-bacnet
8/22/22, 11:02 AM spicy-plugin
8/17/22, 10:18 AM icsnpp-enip
8/16/22, 1:07 PM spicy-dhcp


Zeek in the Enterprise

Congratulations to network security monitoring pioneer Vern Paxson, who received the USENIX Test of Time award at USENIX Security for his 1998 paper on Zeek! Corelight has details here:

https://corelight.com/company/corelight-co-founder-vern-paxson-receives-usenix-security-test-of-time-award


Upcoming Events

Here is the proposed schedule for ZeekWeek 2022:

https://zeek.org/zeekweek2022/schedule/

All times are US Central time.

12 October 2022 – Day 1 – Training

Option 1:

8:30am – 5:00pm – The Zeek Project Training – Intro to Zeek

By Keith Lehigh, Christian Kreibich, Fatema Bannat Wala

The Introduction to Zeek training is aimed at users who have little to no experience with Zeek. We will introduce you to some basic architecture, show you how to run and customize Zeek on the command line, and give some guidance on how to do basic log analysis. This year we will also be teaching about Zeek cluster deployments in production together with all the cluster components, and the new Zeek management framework.

Option 2:

8:30am – 5:00pm – The Zeek Project Training – Hands-on Zeek Scripting

By Aashish Sharma

In the Hands-on Zeek Scripting training, Aashish Sharma will walk attendees through the fundamentals of Zeek Scripting along with some practical exercises. Training will cover scripting basics but will advance through various frameworks such as notice, input, and clusterization techniques. Training will consist of some theory on each topic and hands-on exercises.

5:00pm – 7:00pm – Welcome Reception

13 October 2022 – Day 2 – SOC Professional / Zeek User Track

9:00am – 9:10am – Welcome & Open Remarks

9:10am – 9:40am – Keynote

9:40am – 10:00am – Talk 1

10:00am – 10:20am – Talk 2

10:20am – 10:40am – Break

10:40am – 11:00am – Talk 3

11:00am – 11:20am – Talk 4

11:20am – 11:40am – Talk 5

11:40am – 12:00pm – Talk 6

12:00pm – 1:00pm – Lunch

1:00pm – 1:20pm – Talk 7

1:20pm – 1:40pm – Talk 8

1:40pm – 2:00pm – Talk 9

2:00pm – 2:20pm – Talk 10

2:20pm – 2:40pm – Closing

3:00pm – 5:00pm – Sponsored Track

14 October 2022 – Day 3 – Developer / Roadmap Track

9:00am – 9:10am – Welcome & Open Remarks

9:10am – 9:40am – Keynote

9:40am – 10:00am – Talk 1

10:00am – 10:20am – Talk 2

10:20am – 10:40am – Break

10:40am – 11:00am – Talk 3

11:00am – 11:20am – Talk 4

11:20am – 11:40am – Talk 5

11:40am – 12:00pm – Talk 6

12:00pm – 1:00pm – Lunch

1:00pm – 1:20pm – Talk 7

1:20pm – 1:40pm – Talk 8

1:40pm – 2:00pm – Talk 9

2:00pm – 2:20pm – Talk 10

2:20pm – 2:40pm – Closing

3:00pm – 5:00pm – Sponsored Track

Early bird registration ends 9 September. Full-cost registration starts 10 September.

https://zeek.org/zeekweek2022/registration/

Register here:

https://cvent.me/P592we

See https://zeek.org/events/ for other events.


Zeek Related Jobs

To search LinkedIn for jobs mentioning Zeek skills, use this query:

<https://www.linkedin.com/jobs/search/?keywords=zeek>


Get Involved

If you have any comments or material for the newsletter, please email news@zeek.org or join the #news Slack channel.

https://zeekorg.slack.com

The Slack channel has been very active during the past month. Here is an invitation link:

https://join.slack.com/t/zeekorg/shared_invite/zt-12z1pjy93-zuVGuT1BF~yUJJvERxhp7g

Stay up to date by subscribing to the Zeek mailing list:

https://community.zeek.org

Follow us on Twitter:

https://twitter.com/Zeekurity

Subscribe to our video channel:

https://www.youtube.com/channel/UC1K5-MWaM1XZcEFPCMrmNMw

See you next time!