Hi Scot, > Does zeek have support to send syslog events? It has basic support to send stuff to syslog - there is a syslog function: https://docs.zeek.org/en/current/scripts/base/bif/zeek.bif.zeek.html#id-syslog Note - this is not really nicely tied into anything. However it should in principle work - it is a very thin layer around the libc syslog call. Johanna