/zeek-plugin-bacnet

Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol

Primary LanguageZeekBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Zeek Plugin BACnet

When running as part of your Zeek installation this plugin will produce a bacnet.log file containing metadata extracted from any BACnet traffic observed on UDP port 47808.

Installation and Usage

zeek-plugin-bacnet is distributed as a Zeek package and is compatible with the zkg command line tool.

Sharing and Contributing

This code is made available under the BSD-3-Clause license. Guidelines for contributing are available as well as a pull request template. A Dockerfile has been included in the repository to assist with setting up an environment for testing any changes to the plugin.

Related Work