We’ve been itching to get another release in your hands. Today, that itch has been satisfactorily scratched. Let’s run through the best parts of this June 2024 release.
Zui Highlights
Inline Editor Errors
Red squiggly lines! The Zui app can now detect errors in the query and mark them up within the query editor as you’re writing! It can underline your semantic errors in addition to syntax problems. Here’s an example trying to query a pool that does not exist.
Apple Silicon Support
We are now creating Apple silicon builds for Zui. We previously only built for Intel and relied on Rosetta to run on the “M” chips. If you are on a newer Mac, you’ll enjoy a performance boost thanks to our friends in Cupertino.
If you’ve been running prior Zui releases on your Apple silicon Mac, you’ll need to perform a one-time manual reinstall to take advantage of the new builds. See this support article for details.
Microsoft Defender Warnings
Heads up! If you are a Windows user installing Zui for the first time, you may encounter fresh, menacing warnings from Microsoft Defender about the software. The “powers that be” have mandated a new and improved process for code-signing Windows applications. Unfortunately, this means Zui must regain its “reputation” with Defender. We’ve jumped through these hoops before and in a few months we expect Zui will move out of the “unknown app” territory. See this troubleshooting guide for more information.
New Settings Pane
The Settings pane received a makeover and a couple new options you may configure:
- Extend the default Suricata rules with your own custom additions by pointing to a “rules folder”.
- Specify a folder for storing extracted pcap slices.
Feature Video: Packet Captures
Many of our early users first loved Zui (then called Brim) for its tight integration of Zeek, Suricata, and packet captures. We made a video back then showing off the features, but it’s now very outdated so we’ve refreshed the video to highlight the pcap features in the latest version of Zui.
Zed Highlights
Pretty JSON
You can now pretty print JSON data (with color) using the Zed command-line tools. Beautiful JSON can be achieved by using the options -f JSON -pretty 2
or the shorthand -J
to zq
or zed query
. The number passed to the --pretty
option is the number of spaces to indent nested data.
F-Strings
The Zed language now supports formatted string literals or “f-strings”. You can write expressions within strings that contain the ‘f’ prefix. For example…
echo '{numerator:22.0, denominator:7.0}' \
| zq -z 'yield f"pi is approximately {numerator / denominator}"' -
will output…
"pi is approximately 3.142857142857143"
Download Yours
Download the latest versions of Zui and Zed on our download page or keep an eye out for the auto-update pop-up notification in the app.
Read about every change in the full release notes for Zed and Zui.