Installing and configuring Zeek for Napatech Link-Capture™ Software.
Introduction
Zeek is an open source Unix-based network monitoring framework.
- Zeek can be installed from binary packages and use libpcap interfaces to Napatech Link-Capture™ Software.
- To get optimal performance, install a Napatech packet source plugin for Zeek.
Package-based installation
Find a suitable precompiled Zeek package for your OS distribution. See Installing and Running libpcap Applications for general information about how to install and use package-based applications with Napatech libpcap.
See DN-0428 for more information about configuration of Napatech libpcap.
For general information about installation of Zeek, see https://docs.zeek.org/en/master/get-started.html.
For installation instructions for specific Zeek versions, see the INSTALL file in the Zeek package.
To use the Napatech interfaces, edit the node.cfg file according to your specific configuration.
# Example ZeekControl node configuration. # #This example has a standalone node ready to go except for possibly changing # the sniffing interface. # This is a complete standalone configuration. Most likely you will # only need to change the interface. #[zeek] #type=standalone #host=localhost #interface=eth0 ## Below is an example clustered configuration. If you use this, ## remove the [zeek] node above. [manager] type=manager host=localhost [proxy-1] type=proxy host=localhost [worker-1] type=worker host=localhost interface=napa0 [worker-2] type=worker host=localhost interface=napa1
Napatech packet source plugin for Zeek
- Install Napatech Link-Capture™ Software. See Installing Napatech Link-Capture™ Software.
- Install Zeek, Zeek Package Manager and Zeek source.
- Install zeek-napatech, using Zeek Package Manager.
Related links
Zeek site: https://zeek.org/
Zeek source: https://github.com/zeek
Zeek documentation: https://docs.zeek.org/en/master/
Zeek installation from source: https://docs.zeek.org/en/master/install.html#installing-from-source
Zeek binary packages: https://zeek.org/get-zeek/
Zeek Package Manager documentation: https://docs.zeek.org/projects/package-manager/en/stable/
Napatech packet source plugin for Zeek: https://github.com/napatech/zeek_plugin