Zeek Installation in Ubuntu Easy Method

Cyber Tool Guardian
Mar 8, 2024

What is Zeek?

An open-source protocol analyzer and network security monitoring tool, Zeek was once known as Bro. It is intended to assist enterprises with real-time network traffic monitoring and analysis, offering information on network activity, potential security risks, and performance concerns. Due to its effectiveness in swiftly capturing and processing network data, Zeek is especially well-liked among cybersecurity experts and network managers.

How to install Zeek

In the previous article we saw how to install Zeek on Ubuntu, but that process takes a lot of time, so here we use a quicker method.

Update and upgrade Ubuntu using apt.

sudo apt-get update
sudo apt-get upgrade

Install the dependencies using the command below.

sudo apt-get install -y --no-install-recommends g++ cmake make libpcap-dev

Now, for Ubuntu 22.04-based machines, use the following commands to add the Zeek binary package repository and its signing key.

echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_22.04/ /' | sudo tee /etc/apt/sources.list.d/security:zeek.list
curl -fsSL https://download.opensuse.org/repositories/security:zeek/xUbuntu_22.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null

Now run the update and install commands to install Zeek.

sudo apt update
sudo apt install zeek

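Once Zeek is successfully installed, change the directory to /opt/zeek and add the Zeek bin directory to your PATH in the .bashrc file: open the file, add the export line below, then reload it and confirm that the zeek binary is found.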

nano ~/.bashrc

export PATH=/opt/zeek/bin:$PATH

source ~/.bashrc
which zeek
zeek --version

Now change directory to /opt/zeek/etc and edit the node.cfg file, replacing the interface value with your system's network interface. You can find your system's network interface using the command below.

ifconfig

Now change the directory to /opt/zeek/bin and run the command below to check the configuration with zeekctl.

./zeekctl check

Run the following commands to deploy Zeek and check its status with zeekctl.

./zeekctl deploy
./zeekctl status

You can find the current logs in the directory /opt/zeek/logs/current.
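
The node.cfg edit described above can also be scripted. This is an added example, not part of the original article or of Zeek itself; the function names, the --apply switch and the choice of the default-route interface are assumptions, and it expects a standalone [zeek] section in node.cfg.

```shell
#!/bin/sh
# Added example: set the capture interface in Zeek's node.cfg.
# Run as root: sh set-zeek-iface.sh --apply [interface]

# Print the interface carrying the default IPv4 route (assumption: this is
# the interface you want Zeek to monitor).
default_iface() {
    ip -o -4 route show to default |
        awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# set_iface <node.cfg> <interface>
# Rewrites interface= inside the [zeek] section only, leaving commented
# cluster examples untouched, and keeps a .bak copy of the original file.
# Returns 2 for an implausible interface name, 3 if nothing was changed.
set_iface() {
    cfg=$1
    iface=$2
    case $iface in
        ''|*[!A-Za-z0-9_.:-]*)
            echo "invalid interface name: $iface" >&2
            return 2 ;;
    esac
    tmp=$(mktemp) || return 1
    awk -v iface="$iface" '
        /^\[/ { in_zeek = ($0 == "[zeek]") }
        in_zeek && /^[ \t]*interface[ \t]*=/ {
            print "interface=" iface; changed = 1; next
        }
        { print }
        END { exit (changed ? 0 : 3) }
    ' "$cfg" > "$tmp" || { rc=$?; rm -f "$tmp"; return $rc; }
    # Write through the existing file so its owner and mode are preserved.
    cp "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg" && rm -f "$tmp"
}

if [ "${1:-}" = "--apply" ]; then
    iface=${2:-$(default_iface)}
    # Only accept an interface the kernel actually knows about.
    [ -d "/sys/class/net/$iface" ] || { echo "no such interface: $iface" >&2; exit 1; }
    set_iface /opt/zeek/etc/node.cfg "$iface" && /opt/zeek/bin/zeekctl check
fi
```
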
