Zeek: Using Zeek with AWS Traffic Mirroring and Kafka
AWS provides a feature that allows mirroring your infrastructure's network traffic to a separate system for analysis purposes. This is called AWS Traffic Mirroring. If you'd like to use Zeek's network traffic analysis capabilities in such a cloudy environment, this blog post explains how to do so using the recently published UDP-based packet source plugin…
Zeek (zeek.org)
@hackerworkspace I would say why not just have 24/7 pkt cap running as a default - it provides an audit trail #port mirror #pkt cap
