drop pcap or pcapng file or zeek conn log · detect port scanning behavior · identify scan techniques syn connect udp and stealth scans · surface scanning source ips targets and scan timing · runs locally
input
drop capture or zeek conn.log
or click
drop pcap · pcapng · zeek conn.log