Skip to content

ZeekWeek - October 2021
Compare
Choose a tag to compare
@mavam mavam released this 07 Aug 12:26
zeekweek21
75e6c21
This commit was signed with the committer’s verified signature. The key has expired.
mavam Matthias Vallentin
GPG key ID: 991D940B02F91603
Expired
Learn about vigilant mode.

At ZeekWeek 2021, we presented how VAST can become a Zeek logger node and transparently receive logs from a Zeek cluster in an optimal fashion. To this end, we wrote a Broker plugin to acquire the binary log data. We then reverse-engineered the binary message format of batched logs, which allowed us to convert them directly into VAST's data plane using Apache Arrow.

(This is a retrospective release to fill in a gap, and not in order of the usual releases.)

Assets 3
Loading