Welcome to the Zeek Newsletter.
In this Issue:
- TL;DR
- Development Updates
- Zeek in the Community
- Zeek in the Enterprise
- Upcoming Events
- Zeek Package Updates
- Get Involved
TL;DR
There’s plenty of work behind the scenes this month. Check out Keith Jones’ continued series of blog posts and videos if you haven’t seen them already.
Development Updates
As of 30 March, Zeek 5.2.0 is the newest release.
https://community.zeek.org/t/zeek-feature-release-5-2-0/
We encourage users to update to the latest releases to address bugs and security issues. The release notes contain important information:
https://github.com/zeek/zeek/releases/tag/v5.2.0
Of note:
“Experimental support added for building and running Zeek on Microsoft Windows environments. This is considered experimental due to the fact that our standard testing setup (btest) doesn’t run properly on Windows. This will be fixed in the future. In the meantime we have done some basic testing against builds done with Visual Studio 2019. Information on how to build on Windows is available in the Zeek documentation. Note also that Spicy is currently unsupported and will be fixed in the future.
The feature as checked into the repository is not considered production-ready. There are many bugs to squash and features to improve, and we will be steadily fixing things over the next few months.
The Zeek team wants to give a huge thank you to the team at Microsoft for all of their effort in completing this port.”
Zeek in the Community
Thank you for participating in the Zeek community survey earlier this year. We are consolidating and interpreting the results and will share them soon.
Keith Jones has been publishing a ton of Zeek videos recently:
All are in this playlist:
https://www.youtube.com/playlist?list=PLNEVgQAFtunt8SmBf2qjXW5AZf0wkbGip
Thanks for producing these videos, Keith! Here are his corresponding blog posts:
https://drkeithjones.com/index.php/category/zeek/
Seth Grover mentioned that Malcolm v23.03.0 is out, including Zeek v5.0.7, OpenSearch v2.6.0, Arkime v4.2.0 and a number of other updates, improvements and fixes. See the following for details:
https://github.com/idaholab/Malcolm/releases/tag/v23.03.0
The new Kali Purple Linux distribution now includes Zeek and Suricata, per this announcement:
https://www.kali.org/blog/kali-linux-2023-1-release/
Zeek in the Enterprise
We continue to provide experimental support for Windows. Please consider testing the new code by compiling it on Windows:
https://docs.zeek.org/en/master/install.html#building-from-source
Upcoming Events
We are working on a “meet the developers” get-together in Amsterdam on 31 May. We would like to interact with local community members and discuss the Zeek roadmap and related issues. When we have more details, we will share them.
We are working on other small get-togethers for the future. We will use this Amsterdam event to test our ideas.
Our next monthly community call will take place on Wednesday 5 April at 1 pm ET. Register here:
https://zoom.us/meeting/register/tJ0lf-usqzwpGdXz35YcBhYtJOEjvSZcgl6W
After registering, you will receive a confirmation email containing information about joining the meeting.
If you have any questions please email: fatema@zeek.org
One way to stay informed on video content is to subscribe to the Zeek YouTube channel:
https://youtube.com/c/Zeekurity
The following playlist contains all 19 videos for ZeekWeek 2022:
https://www.youtube.com/playlist?list=PL2EYTX8UVCMhWO6m_uanhXLrSPrCMxO74
Zeek Package Updates
Changes to packages are available via this search:
https://github.com/zeek/packages/pulls?q=is%3Apr+is%3Aclosed
The https://packages.zeek.org site reported the last 5 updates as of 3 January:
3/29/23, 4:12 AM shodan-zeek
3/28/23, 8:25 PM ja3
3/28/23, 12:23 PM spicy-plugin
3/27/23, 3:20 PM CVE-2022-24491
3/27/23, 11:28 AM GQUIC_Protocol_Analyzer
Get Involved
If you have any comments or material for the newsletter please email news@zeek.org or join the #news Slack channel.
The Slack channel has been very active during the past month. Here is an invitation link:
https://join.slack.com/t/zeekorg/shared_invite/zt-12z1pjy93-zuVGuT1BF~yUJJvERxhp7g
Stay up to date by joining the Zeek Discourse:
Subscribe to our YouTube channel:
https://youtube.com/c/Zeekurity
Follow us on Twitter:
Follow us on Mastodon:
https://infosec.exchange/@zeek
The old mailing list archives now redirect to this site:
https://community.zeek.org/archives/list/zeek@lists.zeek.org/
If you’d like to read the Leadership Team meeting notes, they are here:
https://github.com/zeek/zeek/wiki/LT-Meeting-Notes
Follow us on LinkedIn:
https://www.linkedin.com/company/zeekurity
To search LinkedIn for jobs mentioning Zeek skills, use this query:
https://www.linkedin.com/jobs/search/?keywords=zeek
See you next time!