There are 6 repositories under bro topic.
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
Bro IDS Dockerfile
Extract files from network traffic with Zeek.
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network, in addition to all of the necessary hardware and setup, and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Bro IDS + ELK Stack to detect and block data exfiltration
Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall
A package manager for Zeek
brostash: Linux distribution based on Debian and focusing on network security events collection
Useful resources for Zeek (https://zeek.org/) (Bro (http://bro.org/))
Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog TCP input to capture and index BRO/Zeek logs coming from a remote sensor.
Go implementation of the Community ID flow hashing standard
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
Docker based Zeek IDS worker cluster
Applied Resiliency for More Trustworthy Grid Operation
Collect and parse Bro logs with Logstash+Filebeat
BILA: BRO IDS Logs Analyzer
A SaltStack formula to install BRO network security monitor on RHEL or Debian based systems
Splunk configs for Security Onion
DoveHawk Passive DNS Collector Module for Zeek
Elastic Common Schema (ECS) ingest pipeline for Zeek network traffic analyzer