Vern Paxson began development work on Zeek in 1995 at Lawrence Berkeley National Lab.

Zeek's purpose is to inspect network traffic and generate a variety of logs describing the activity it sees.

[8] The principal author, Paxson, originally named the software "Bro" as a warning regarding George Orwell's Big Brother from the novel Nineteen Eighty-Four.

[10] The Zeek software on the server deciphers network traffic as logs, writing them to local disk or remote storage.

Zeek analyzers perform application layer decoding, anomaly detection, signature matching and connection analysis.