Extensions, Frameworks, & Integrations Used with Zeek
Offered By: Pluralsight
Course Description
Overview
Zeek is a customizable, open-source tool that allows you to monitor the network and analyze events within it. This course will teach how to integrate it with other tools such as Security Onion, Elasticsearch, and Arkime.
Zeek is an event-based network monitoring and analysis tool used to help monitor the network and detect potential threats. It enables users to see the traffic going through our networks and respond to it in different ways. It can use additional packages and integrations to help provide it more capabilities and allow organizations to expand its use. In this course, Extensions, Frameworks, & Integrations Used with Zeek, you will learn all about this tool's frameworks and integrations. First, you will learn about the various extensions, integrations, and packages to be used with Zeek. Next, you will learn about the how Zeek integrates with tools such as Security Onion, Arkime, Elasticsearch, and RockNSM. Finally, you will use file carving and metadata to analyze Zeek data streams, and the intelligence framework to add additional context and intelligence to it. When you're finished with this course, you will have the ability to modify Zeek and integrate it with other tools in order to support your desired use cases and environment.
Zeek is an event-based network monitoring and analysis tool used to help monitor the network and detect potential threats. It enables users to see the traffic going through our networks and respond to it in different ways. It can use additional packages and integrations to help provide it more capabilities and allow organizations to expand its use. In this course, Extensions, Frameworks, & Integrations Used with Zeek, you will learn all about this tool's frameworks and integrations. First, you will learn about the various extensions, integrations, and packages to be used with Zeek. Next, you will learn about the how Zeek integrates with tools such as Security Onion, Arkime, Elasticsearch, and RockNSM. Finally, you will use file carving and metadata to analyze Zeek data streams, and the intelligence framework to add additional context and intelligence to it. When you're finished with this course, you will have the ability to modify Zeek and integrate it with other tools in order to support your desired use cases and environment.
Syllabus
- Course Overview 1min
- Identifying Zeek Integrations 33mins
- Deploying Zeek with Security Onion 22mins
- Ingesting and Enriching Zeek Logs 35mins
- Integrating Zeek with RockNSM 25mins
- Using Intelligence in Zeek 24mins
Taught by
Joe Abraham
Related Courses
Network Security Monitoring (NSM) with Security OnionPluralsight Network Security Analysis Using Wireshark, Snort, and SO
Udemy