#!/usr/bin/env bash # Instala Zeek en Debian 12/13 + servicio systemd set -euo pipefail #--- instalar gpg sudo apt install -y gpg #--- detectar versión . /etc/os-release case "${VERSION_CODENAME:-}" in trixie) DIST="Debian_13" ;; bookworm) DIST="Debian_12" ;; *) echo "Solo soporta Debian 12/13 (detectado: ${VERSION_CODENAME:-unknown})"; exit 1 ;; esac #--- repo Zeek echo "deb http://download.opensuse.org/repositories/security:/zeek/${DIST}/ /" \ | sudo tee /etc/apt/sources.list.d/security:zeek.list curl -fsSL "https://download.opensuse.org/repositories/security:zeek/${DIST}/Release.key" \ | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null sudo apt update sudo apt install -y --no-install-recommends zeek #--- PATH global echo 'export PATH="$PATH:/opt/zeek/bin"' | sudo tee /etc/profile.d/zeek.sh sudo chmod 644 /etc/profile.d/zeek.sh #--- interfaz por default IFACE="$(ip -o -4 route show to default | awk '{print $5}' | head -n1)" [ -z "$IFACE" ] && { echo "No se detectó interfaz. Edita /opt/zeek/etc/node.cfg manualmente."; exit 1; } #--- node.cfg standalone cat </ (rotados)\e[0m\n" echo -e " \e[96msource /etc/profile.d/zeek.sh \e[0m\n" echo -e "\n\e[92m✅ Execute: sudo systemctl stop zeek && sudo systemctl restart zeek\e[0m" zeek -v