mirror of
https://github.com/tldr-pages/tldr.git
synced 2024-09-20 08:17:53 +03:00
zeek: add page (#5453)
This commit is contained in:
parent
e597948273
commit
443a6d224b
29
pages/common/zeek.md
Normal file
29
pages/common/zeek.md
Normal file
@ -0,0 +1,29 @@
|
||||
# zeek
|
||||
|
||||
> Passive network traffic analyser.
|
||||
> Any output and log files will be saved to the current working directory.
|
||||
> More information: <https://docs.zeek.org/en/lts/quickstart.html#zeek-as-a-command-line-utility>.
|
||||
|
||||
- Analyze live traffic from a network interface:
|
||||
|
||||
`sudo zeek --iface {{interface}}`
|
||||
|
||||
- Analyze live traffic from a network interface and load custom scripts:
|
||||
|
||||
`sudo zeek --iface {{interface}} {{script1}} {{script2}}`
|
||||
|
||||
- Analyze live traffic from a network interface, without loading any scripts:
|
||||
|
||||
`sudo zeek --bare-mode --iface {{interface}}`
|
||||
|
||||
- Analyze live traffic from a network interface, applying a `tcpdump` filter:
|
||||
|
||||
`sudo zeek --filter {{path/to/filter}} --iface {{interface}}`
|
||||
|
||||
- Analyze live traffic from a network interface using a watchdog timer:
|
||||
|
||||
`sudo zeek --watchdog --iface {{interface}}`
|
||||
|
||||
- Analyze traffic from a `pcap` file:
|
||||
|
||||
`zeek --readfile {{path/to/file.trace}}`
|
Loading…
Reference in New Issue
Block a user