Zeek + Kafka + Spark + KSQL = ZStreams
ZStreams helps you analyze Zeek data with the latest streaming toolkits. With ZStreams you can quickly and easily start analyzing Zeek output, with examples that lead you through some of the fairly steep learning curves for Kafka, KSQL, and Spark.
- Zeek with Kafka Plugin: If this isn't already set up, you'll need to install the Zeek Kafka plugin/package; see our help guide here: Kafka_Setup
- Kafka Broker/KSQL: If you don't already have this, I highly recommend using the Confluent/Kafka 'all-in-one' docker setup, conveniently available in the ZStreams repo:
```
$ git clone git@github.com:SuperCowPowers/zstreams.git
$ cd zstreams/docker
$ docker-compose up -d
```
```
$ pip install zstreams
```
Welcome to the examples. Before getting started, let's make sure that everything is set up and ready to go: Ready Check, All Systems Go?
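A minimal "ready check" script, added here as an example and not part of the zstreams package or its notebooks. It checks the three pieces the setup above relies on: that the Kafka broker accepts connections, that the KSQL server's REST API answers, and that a Zeek Kafka plugin message parses into a conn.log record with the fields later analysis will depend on. The endpoints (broker on localhost:9092, KSQL REST on localhost:8088) are assumed Confluent all-in-one defaults and should be checked against docker/docker-compose.yml; the tagged `{"conn": {...}}` message shape assumes the plugin's `tag_json` option is on, and the sample record is constructed, not captured from a sensor.

```python
"""Readiness check for a ZStreams setup.

Added example, not code from the zstreams project.  Assumes the Confluent
'all-in-one' docker-compose defaults (Kafka broker on localhost:9092, KSQL
server REST API on localhost:8088) and that the Zeek Kafka plugin emits one
JSON object per message, wrapped under the log stream name when tag_json
is enabled, e.g. {"conn": {...}}.
"""
import json
import socket
import urllib.error
import urllib.request

# Assumed endpoints: adjust to match docker/docker-compose.yml in your checkout.
KAFKA_BROKER = ("localhost", 9092)
KSQL_INFO_URL = "http://localhost:8088/info"

# Fields every Zeek conn.log record carries; used to sanity-check the format.
REQUIRED_CONN_FIELDS = ("ts", "uid", "id.orig_h", "id.orig_p",
                        "id.resp_h", "id.resp_p", "proto")

# Constructed sample message (not captured from a sensor), in tagged form.
SAMPLE_CONN_MESSAGE = json.dumps({
    "conn": {
        "ts": 1596000000.123, "uid": "CExample1", "id.orig_h": "10.0.0.5",
        "id.orig_p": 51234, "id.resp_h": "93.184.216.34", "id.resp_p": 443,
        "proto": "tcp", "service": "ssl", "duration": 0.42,
        "conn_state": "SF",
    }
})


def port_open(host, port, timeout=2.0):
    """True if a TCP connection to host:port succeeds within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, timed out, or no network at all
        return False


def ksql_info(url=KSQL_INFO_URL, timeout=2.0):
    """Return the KSQL server's /info document, or None if unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return json.load(resp)
    except (urllib.error.URLError, OSError, ValueError):
        return None


def parse_zeek_message(raw):
    """Parse one message from the Zeek Kafka plugin.

    Returns (stream, record).  With tag_json the plugin wraps each record
    under its log stream name, so a single-key object whose value is an
    object is treated as tagged; otherwise stream is None and the record
    is the object itself.
    """
    obj = json.loads(raw)
    if not isinstance(obj, dict):
        raise ValueError("expected a JSON object per Kafka message")
    if len(obj) == 1:
        stream, record = next(iter(obj.items()))
        if isinstance(record, dict):
            return stream, record
    return None, obj


def missing_conn_fields(record):
    """Return the required conn.log fields absent from record."""
    return [f for f in REQUIRED_CONN_FIELDS if f not in record]


def ready_check(sample=SAMPLE_CONN_MESSAGE):
    """Check each dependency; returns {name: True/False}."""
    stream, record = parse_zeek_message(sample)
    return {
        "kafka_broker": port_open(*KAFKA_BROKER),
        "ksql_server": ksql_info() is not None,
        "zeek_message_format": stream == "conn" and not missing_conn_fields(record),
    }


if __name__ == "__main__":
    for name, ok in ready_check().items():
        print(f"{name:20s} {'OK' if ok else 'NOT READY'}")
```

Run it after `docker-compose up -d`; a `NOT READY` for the broker or KSQL usually just means the containers are still starting, so wait a minute and try again. The message check uses only the embedded sample; to check live traffic, replace the sample with a message consumed from your Zeek topic and confirm it still parses with `stream == "conn"` (if it comes back untagged, enable `tag_json` in the plugin config or drop the stream check).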