Shodan provides access to the InternetDB using both an API as well as a SQLite file for you to check open ports on various IP addresses. The Zeek integration lets you access that information from within your scripts so you can make decisions based on the open ports, vulnerabilities and other information about the remote IP.
Building Zeek from source requires the following dependencies.
sudo dnf install cmake make gcc gcc-c++ flex bison libpcap-devel openssl-devel python3 python3-devel swig zlib-devel
sudo yum install cmake3 devtoolset-7
scl enable devtoolset-7 bash
sudo apt-get install cmake make gcc g++ flex libfl-dev bison libpcap-dev libssl-dev python3 python3-dev swig zlib1g-dev
Zeek source code release and can be manually downloaded from the download page.
Once you download the .tar.gz file, extract it and run the commands:
./configure && make && sudo make install
After installation, please adjust the PATH environment to the Zeek directory.
export PATH=/usr/local/zeek/bin:$PATH