Brim is an open source desktop application for security and network specialists. Brim makes it easy to search and analyze data from:
- packet captures, like those created by Wireshark, and
- structured logs, especially from the Zeek network analysis framework.
Brim is especially useful to security and network operators that need to handle large packet captures, especially those that are cumbersome for Wireshark, tshark, or other packet analyzers.
Brim is built from open source components, including:
- zq, a structured log query engine;
- Electron and React for multi-platform UI;
- Zeek, to generate network analysis data from packet capture files.
The easiest way to install Brim is to download the installation package for your platform from the latest release.
Development and contributing
We'd love your help! Please see the contributing guide for development information like building and testing Brim.
Join the Community
Join our Public Slack workspace for announcements, Q&A, and to trade tips!