zeek-devel (net/zeek) Updated: 4 days, 15 hours ago
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. Zeek is the new name for the long-established Bro system. Note that parts of the system retain the Bro name, and it also often appears in the documentation and distributions.
Version: 7.0.4 License: BSD
Maintainers | Schamschula |
Categories | net security |
Homepage | https://www.zeek.org/ |
Platforms | {darwin >= 19} |
Variants |
|
Subport(s) (1)
"zeek-devel" depends on
lib (10)
build (6)
Ports that depend on "zeek-devel"
No ports
Port notes
You'll need to set your ZEEKHOME to ${prefix}/share/zeek and your
ZEEKPATH to ${prefix}/share/zeek/site:${prefix}/share/zeek/policy
to use the provided policies.
Check online documentation to finish install
https://docs.zeek.org/en/stable/quickstart/index.html
1) review config: node.cfg, network.cfg, zeekctl.cfg
especially network interface, MailTo
Existing files have not been modified
2) Run as root or with sudo
# zeekctl
[ZeekControl] > install
[ZeekControl] > start
3) Use scheduled task for maintenance
# ln -s ${prefix}/Library/LaunchDaemons/org.macports.zeek.plist /Library/LaunchDaemons/
# launchctl load -w /Library/LaunchDaemons/org.macports.zeek.plist
**** UPGRADING ****
Paths have been changed to respect macports hierarchy
${prefix}/etc -> ${prefix}/etc/zeek
${prefix}/spool -> ${prefix}/var/spool/zeek
${prefix}/logs -> ${prefix}/var/log/zeek
A startup item has been generated that will aid in starting zeek-devel with launchd. It is disabled by default. Execute the following command to start it, and to cause it to launch at startup:
sudo port load zeek-devel