Zeek

Zeek is an open-source network security monitoring and traffic analysis platform used for inspecting network activity, detecting threats, analyzing protocols, and generating detailed security logs for enterprise and cybersecurity environments.

• Performs deep network traffic and protocol analysis.
• Generates detailed logs for HTTP, DNS, SSL/TLS, SSH, FTP, SMTP, and other protocols.
• Helps detect suspicious activity, intrusions, and network anomalies.
• Provides powerful event-driven scripting for custom security monitoring.
• Supports real-time and offline packet capture analysis.
• Integrates with SIEM platforms, threat intelligence feeds, and monitoring systems.
• Scalable for enterprise, cloud, and distributed network environments.
• Widely used for network forensics, incident response, and security operations.

Run:
$ zeek --version