Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
TA for Zeek app icon

TA for Zeek

This add-on parses open-source Zeek data in JSON and TSV formats, and populates it through into the CIM data model. Compatible with the dashboards and visualizations in the Corelight App for Splunk. Previously maintained by Splunk as the "Splunk Add-on for Zeek aka Bro", now maintained by Corelight as part of its ongoing support for the Zeek project.

Built by
splunk product badge
Latest Version 1.0.11
August 21, 2025
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3
CIM Version: 6.x
Rating

0

(0)

Log in to rate this app
Support
TA for Zeek support icon
Developer Supported addon
Ranking

#2

in Network Security

#30

in Security, Fraud & Compliance
This add-on parses open-source Zeek data in JSON and TSV formats, and populates it through into the CIM data model. Compatible with the dashboards and visualizations in the Corelight App for Splunk. Previously maintained by Splunk as the "Splunk Add-on for Zeek aka Bro", now maintained by Corelight as part of its ongoing support for the Zeek project.

Categories

Created By

Corelight Inc

Type

addon

Downloads

67,609

Licensing

Splunk Answers

Resources

Log in to report this app listing