Zeek integration configuration

Zeek is an open-source network security monitoring platform widely used for analyzing network traffic and generating detailed logs about network activities across an organization's infrastructure. It passively monitors network traffic and provides deep visibility into communications by producing structured logs for multiple network protocols and security-relevant events. CloudWatch pipelines allow ingestion of Zeek log data into CloudWatch Logs, providing scalable collection, processing, normalization, and integration with downstream Amazon security and monitoring services.

Topics

Source configuration for Zeek
CloudWatch pipelines configuration for Zeek

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Pipeline configuration

Source configuration