Zeek Newsletter - Issue 26 - February 2023

Welcome to the Zeek Newsletter.

In this Issue:

  • TL;DR
  • Development Updates
  • Zeek in the Community
  • Zeek in the Enterprise
  • Upcoming Events
  • Zeek Package Updates
  • Get Involved


This month’s newsletter is mostly about development updates. Thank you for participating in the Zeek survey. We will share what we learned once we have time to digest the results. Zeek 5.2.0 has arrived as well.

Development Updates

Throughout the month (and including 1 March), Tim Wojtulewicz released several new versions of Zeek.

1 February: Zeek 5.0.6 and 5.1.2, a security and bug fix release:


3 February: Zeek 5.2.0-rc-1, a new release candidate.


21 February: Zeek 5.0.7 and 5.1.3, a security and bug fix release, and Zeek 5.2.0-rc-2, a new release candidate.


1 March: Zeek 5.2.0, a new release.


We encourage users to update to the latest releases to address bugs and security issues. The release notes contain important information:


Of note:

“Experimental support added for building and running Zeek on Microsoft Windows environments. This is considered experimental due to the fact that our standard testing setup (btest) doesn’t run properly on Windows. This will be fixed in the future. In the meantime we have done some basic testing against builds done with Visual Studio 2019. Information on how to build on Windows is available in the Zeek documentation. Note also that Spicy is currently unsupported and will be fixed in the future.

The feature as checked into the repository is not considered production-ready. There are many bugs to squash and features to improve, and we will be steadily fixing things over the next few months.

The Zeek team wants to give a huge thank you to the team at Microsoft for all of their effort in completing this port.”

On 16 February, Benjamin Bannier announced the release of Spicy 1.7.0 and spicy-plugin-1.5.0.


Zeek in the Community

On 27 February, Doug Burks announced that Zeek 5.0.7 is now available in Security Onion 2.3.220:


Thanks to everyone subscribed to our YouTube channel, we’re approaching 4,100 subscribers. Check us out here:


This playlist contains recordings of all monthly community calls, hosted by Fatema Bannat Wala:


Keith Jones has been publishing a ton of Zeek videos recently:

Anatomy Of A Zeek Spicy Protocol Analyzer


BACNet ICS Basics With Zeek


Easily Run Zeek and Spicy in a Docker Container


Create a Zeek Spicy Analyzer from a Template


All four are in this playlist:


Thanks for producing these videos, Keith!

Zeek in the Enterprise

We continue to provide experimental support for Windows. Please consider testing the new code by compiling it on Windows:


Upcoming Events

Our next monthly community call will take place on Wednesday 5 April at 1 pm ET. Register here:


After registering, you will receive a confirmation email containing information about joining the meeting.

If you have any questions please email: fatema@zeek.org

One way to stay informed on video content is to subscribe to the Zeek YouTube channel:


The following playlist contains all 19 videos for ZeekWeek 2022:


Zeek Package Updates

Changes to packages are available via this search:


The https://packages.zeek.org site reported the last 5 updates as of 3 January:

3/2/23, 4:13 AM shodan-zeek

3/1/23, 2:07 PM spicy-plugin

2/26/23, 4:38 PM zeekjs

2/24/23, 11:08 AM IRC-Zeek-package

2/24/23, 10:42 AM zeek-af_packet-plugin

Get Involved

If you have any comments or material for the newsletter please email news@zeek.org or join the #news Slack channel.


The Slack channel has been very active during the past month. Here is an invitation link:


Stay up to date by joining the Zeek Discourse:


Subscribe to our YouTube channel:


Follow us on Twitter:


Follow us on Mastodon:


The old mailing list archives now redirect to this site:


If you’d like to read the Leadership Team meeting notes, they are here:


Follow us on LinkedIn:


To search LinkedIn for jobs mentioning Zeek skills, use this query:


See you next time!