Version: Tenzir v4.11


The read operator converts raw bytes into events.


read <format>


The read operator parses events by interpreting its input bytes in a given format.


The format used to convert raw bytes into events.

Some formats have format-specific options. Please refer to the documentation of the individual formats for more information.


Read the input bytes as Zeek TSV logs:

read zeek-tsv

Read the input bytes as Suricata Eve JSON:

read suricata