MODULE 1: Foundations
Lesson 1.1: Zeek Ecosystem Overview
- Part 1 - The Evolution of Zeek
- Part 2 - Understanding Zeek’s Philosophical Foundation
- Part 3 - Zeek in the Network Security Tool Ecosystem
- Part 4 - The Zeek Community and Ecosystem
- Part 5 - Practical Exercises
- Part 6 - Knowledge Validation
Lesson 1.2: Architecture Deep Dive
- Part 1 - The Single-Instance Processing Pipeline
- Part 2 - Cluster Architecture
- Part 3 - Memory Management and Performance Optimization
- Part 4 - Practical Exercises
- Part 5 - Knowledge Validation
Lesson 1.3: Installation + Deployment
- Part 1 - Preparing Your Installation Environment
- Part 2 - Installation Method 1: Package Manager
- Part 3 - Installation Method 2: Compiling From Source
- Part 4 - Installation Method 3: Docker Container
- Part 5 - Configuration + Initial Setup
- Part 6 - Starting Zeek and Capturing Your First Traffic
- Part 7 - Basic Operations + Management
- Part 8 - Practical Exercises
- Part 9 - Knowledge Validation
MODULE 2: Zeek Scripting Fundamentals
Lesson 2.1: Script Language Basics
Part 2 - Scalar Types: Single Values
- Part 2A - Introduction: Understanding Scalar Types in Zeek
- Part 2B - The count Type: Non-Negative Integers
- Part 2C - The int Type: Signed Integers
- Part 2D - The addr Type: IP Addresses
- Part 2E - The port Type: Network Ports
- Part 2F - The time Type: Timestamps
- Part 2G - The interval Type: Time Durations
- Part 2H - The string Type: Text Data
- Part 2I - The bool Type: Boolean Values
- Part 2J - Writing and Loading Your First Script
- Part 2K - Scalar Types Practical Exercises
- Part 2L - Conclusion