zeek-json

The zeek-json format is an alias for json with the arguments:

• --selector=_path:zeek
• --unnest-separator="."
• --ndjson

Synoposis

zeek-json [--schema-only] [--raw] [--no-infer]

Common Options (Parser)

The Suricata parser supports some of the common schema inference options.