diff --git a/pages/common/zeek.md b/pages/common/zeek.md new file mode 100644 index 000000000..0e6f2b5e7 --- /dev/null +++ b/pages/common/zeek.md @@ -0,0 +1,29 @@ +# zeek + +> Passive network traffic analyser. +> Any output and log files will be saved to the current working directory. +> More information: . + +- Analyze live traffic from a network interface: + +`sudo zeek --iface {{interface}}` + +- Analyze live traffic from a network interface and load custom scripts: + +`sudo zeek --iface {{interface}} {{script1}} {{script2}}` + +- Analyze live traffic from a network interface, without loading any scripts: + +`sudo zeek --bare-mode --iface {{interface}}` + +- Analyze live traffic from a network interface, applying a `tcpdump` filter: + +`sudo zeek --filter {{path/to/filter}} --iface {{interface}}` + +- Analyze live traffic from a network interface using a watchdog timer: + +`sudo zeek --watchdog --iface {{interface}}` + +- Analyze traffic from a `pcap` file: + +`zeek --readfile {{path/to/file.trace}}`
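Review bot: the `--filter` example uses the placeholder `{{path/to/filter}}`, but Zeek's `-f`/`--filter` option takes a tcpdump/BPF filter expression as its argument, not a path to a file, so the placeholder should read something like `{{tcp port 80}}` and the description "applying a `tcpdump` filter" then matches what is actually passed. The "More information:" line in the header is also empty (`> More information: .`) and needs the project documentation URL in angle brackets as the other pages in this directory do. As a minor style point, "analyser" in the description line is British spelling; the tldr style guide asks for American English, so "analyzer" would be consistent with the "Analyze ..." wording used in every example below it.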