WEBVTT

00:00:01.146 --> 00:00:05.146
Well, that was a lot of learning that we just did.

00:00:05.146 --> 00:00:08.479
We learned quite a bit about the language that Zeek uses and

00:00:08.479 --> 00:00:11.146
saw some of it within our own environment.

00:00:11.146 --> 00:00:14.146
Let's review what we covered here so we can move into the next module

00:00:14.146 --> 00:00:20.146
and continue on with the next portion of our course.

00:00:20.146 --> 00:00:20.896
In this module,

00:00:20.896 --> 00:00:25.146
we were able to talk about many different aspects of the Zeek language.

00:00:25.146 --> 00:00:29.946
We started out by talking about what the Zeek language is and how we can

00:00:29.946 --> 00:00:33.146
compare it to the other languages like Python or Perl.

00:00:33.146 --> 00:00:36.146
We then detailed the signature framework,

00:00:36.146 --> 00:00:39.271
which was one of our frameworks that were briefly

00:00:39.271 --> 00:00:41.146
mentioned in the previous module.

00:00:41.146 --> 00:00:44.813
This signature framework gives us some nice capabilities that we

00:00:44.813 --> 00:00:48.146
can use to add to the functionality of the tool.

00:00:48.146 --> 00:00:48.896
After that,

00:00:48.896 --> 00:00:53.246
we dove into the default scripts that Zeek comes with and looked at

00:00:53.246 --> 00:00:57.146
where they are and how some of them are structured.

00:00:57.146 --> 00:00:59.718
We then discussed some things to think about when writing

00:00:59.718 --> 00:01:03.454
scripts and tuning the system so you can properly do so

00:01:03.454 --> 00:01:06.146
based on what you want to see.

00:01:06.146 --> 00:01:10.328
We briefly discussed some customization options for scripts in Zeek,

00:01:10.328 --> 00:01:14.146
and now we're wrapping up the module.

00:01:14.146 --> 00:01:17.146
This was a tough one, but a fun one to learn.

00:01:17.146 --> 00:01:20.146
Don't go thinking that we're done quite yet, though;

00:01:20.146 --> 00:01:23.146
we still have a little bit of learning to do.

00:01:23.146 --> 00:01:23.718
Up next,

00:01:23.718 --> 00:01:28.146
we're going to talk about the various output options that we have with Zeek,

00:01:28.146 --> 00:01:30.146
as well as some ways to customize these.

00:01:30.146 --> 00:01:39.146
I hope to see you in the next module.
