-
Notifications
You must be signed in to change notification settings - Fork 4
How to use scripts
Davide-Lotito edited this page Nov 8, 2021
·
2 revisions
To use these scripts you can simply download them and use them to parse the pcap files you want.
You can download these scripts to the folder you want, and then use them to parse a pcap file. To download them:
$git clone https://github.com/Davide-Lotito/Zeek-Script.git
Finally an example on how to use a script against a pcap file. Note that Zeek will produce log files in the current directory, that is the one from which the command is launched.
$zeek -r ./exampleDir/filePcap.pcap ./exampleDir2/scriptExample.zeek
Press here to back on the home documentation page.