Zeek package to detect the Windows version via access to Microsoft CRLs

Zeek Package for Windows Version Detection

Quick Start

If you already have Zeek and zkg installed, simply run:

zkg install https://github.com/zeek-packages/windows-version-detection

If this is being installed on a cluster, install the package on the manager, then deploy it via:

zeekctl deploy

Updating and Unloading

We use SemVer for versioning. For the versions available, see the tags on this repository. You can pass an additional argument to the install command with the desired version.

To upgrade to the latest version run:

zkg upgrade windows-version-detection

You can modify the above command by replacing upgrade with:

  • unload, to configure Zeek to not load the package on startup.
  • load, to configure Zeek to load the package on startup (default after an install).
  • remove, to delete the package from the system.

If you're operating in a cluster, after performing any of the above changes, you'll need to re-run zeekctl deploy.

Installation

Tested with Zeek v3.3, v3.2, v3.1 and v3.0.

This is a package designed to run with the Zeek Network Security Monitor. First, get Zeek. We strive to support both the current feature and LTS releases.

The recommended installation method is via the Zeek package manager, zkg. Follow the Quickstart guide.

To have Zeek load packages managed by zkg, ensure that @load packages is being loaded by Zeek.

This package is also tested with the following legacy Zeek (Bro) versions, although their use is strongly discouraged due to security and performance issues, and continued compatibility is not supported:

Zeek v2.6, v2.5, v2.4 and v2.3

Contributing

Contributions are welcome! The easiest way to give back is to comment on issues that are important to you -- even a quick reaction (thumbs-up/heart/thumbs-down) would help us prioritize issues.

There's a more in-depth contribution guide which lays out some ways that anyone can help.

Package Template

This package was created with a template, using Cruft. A CI job checks for updates to the template. To update the package, simply run:

pip install -U cruft
cruft update

License

This project is licensed under the BSD license. See the LICENSE file for details.
