manpagez: man pages & more
man zeekctl(8)
Home | html | info | man
zeekctl(8)              System Administration Utilities             zeekctl(8)




NAME

       zeekctl - interactive shell for managing Zeek installations


SYNOPSIS

       zeekctl [command]



DESCRIPTION

       zeekctl is an interactive interface for managing either a standalone or
       a Zeek  cluster  installation.   If  a  zeekctl  command  is  specified
       directly  on the command-line, then zeekctl performs the action associ-
       ated with that command immediately (instead of running the  interactive
       interface).

       Before actually running zeekctl you first need to edit the zeekctl.cfg,
       node.cfg, and networks.cfg files. In the zeekctl.cfg file,  you  should
       review  the zeekctl options and make sure the options are set correctly
       for your environment. Next, edit the  node.cfg  file  and  specify  the
       nodes that you will be running. Finally, edit the networks.cfg file and
       list each network that is considered local to the monitored environment
       (see the examples in the file for the format to use).

       When  running  zeekctl  for  the  first  time, you must run the zeekctl
       deploy command before running any other commands in order to apply  the
       configuration settings.  You must also run zeekctl deploy each time you
       change the configuration (including any Zeek scripts) or upgrade  Zeek.


OPTIONS

       capstats [<nodes>] [<secs>]
              Report interface statistics with capstats

       check [<nodes>]
              Check configuration before installing it

       cleanup [--all] [<nodes>]
              Delete working dirs (flush state) on nodes

       config Print zeekctl configuration

       cron [--no-watch]
              Perform jobs intended to run from cron

       cron enable|disable|?
              Enable/disable "cron" jobs

       deploy Check, install, and restart

       df [<nodes>]
              Print nodes' current disk usage

       diag [<nodes>]
              Output diagnostics for nodes

       exec <shell cmd>
              Execute shell command on all hosts

       exit   Exit from the interactive interface

       install
              Update zeekctl installation/configuration

       netstats [<nodes>]
              Print nodes' current packet counters

       nodes  Print node configuration

       peerstatus [<nodes>]
              Print status of nodes' remote connections

       print <id> [<nodes>]
              Print values of script variable at nodes

       process <trace> [<op>] [-- <sc>]
              Run Zeek (with options and scripts) on trace

       restart [--clean] [<nodes>]
              Stop and then restart processing

       scripts [-c] [<nodes>]
              List the Zeek scripts the nodes will load

       start [<nodes>]
              Start processing

       status [<nodes>]
              Summarize node status

       stop [<nodes>]
              Stop processing

       top [<nodes>]
              Show Zeek processes ala top

       Commands provided by plugins:

       ps.zeek [<nodes>]
              Show Zeek processes on nodes' systems


AUTHOR

       zeekctl was written by The Zeek Project <info@zeek.org>.



                                 November 2014                      zeekctl(8)

zeek 3.0.0 - Generated Tue Nov 5 05:56:51 CST 2019
© manpagez.com 2000-2024
Individual documents may contain additional copyright information.