Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Zeek

SuperDB includes functionality and reference configurations specific to working with logs from the Zeek open source network security monitoring tool.

Zeek events can be managed and searched nicely by SuperDB because:

  • Zeek’s type system is compatible with SuperDB;
  • Zeek’s TSV format is readable by SuperDB so these logs can be ingested and searched in super-structured format; and
  • Zeek’s JSON format, while losing the type-richness of Zeek’s TSV format, can be turned back into richly typed data with data-shaping logic defined as SuperSQL scripts.