diff --git a/README.md b/README.md index 0aff786..783087e 100644 --- a/README.md +++ b/README.md 
@@ -1,16 +1,16 @@ # Sample Data -To help you get started quickly with [`zq`](https://github.com/brimdata/zq), this repository contains small sample sets of [Zeek](https://www.zeek.org/) data. There are six different log formats available, all representing events based on the same network traffic: +To help you get started quickly with [`zq`](https://zed.brimdata.io/docs/commands/zq), this repository contains small sample sets of [Zeek](https://www.zeek.org/) data. There are six different log formats available, all representing events based on the same network traffic: | Directory | Format | |-----------|--------| | [zeek-default/](zeek-default) | [Zeek default output format](https://docs.zeek.org/en/master/log-formats.html#zeek-tsv-format-logs) | -| [zeek-ndjson/](zeek-ndjson) | [ Newline-delimited JSON (NDJSON)](http://ndjson.org/), as output by the Zeek package for [JSON Streaming Logs](https://github.com/corelight/json-streaming-logs) | -| [zng/](zng) | binary [ZNG](https://github.com/brimdata/zq/blob/master/zng/docs/README.md), output with [`zq`](https://github.com/brimdata/zq)'s default LZ4-compressed format | -| [zng-uncompressed/](zng-uncompressed) | binary [ZNG](https://github.com/brimdata/zq/blob/master/zng/docs/README.md), output with [`zq`](https://github.com/brimdata/zq)'s option `-znglz4blocksize 0` to disable compression | -| [zson/](zson) | [ZSON](https://github.com/brimdata/zq/blob/master/zng/docs/zson.md), a ZNG text output format of [`zq`](https://github.com/brimdata/zq) that has the look and feel of JSON | +| [zeek-ndjson/](zeek-ndjson) | [ Newline-delimited JSON (NDJSON)](https://en.wikipedia.org/wiki/JSON_streaming#NDJSON), as output by the Zeek package for [JSON Streaming Logs](https://github.com/corelight/json-streaming-logs) | +| [zng/](zng) | Binary [ZNG](https://zed.brimdata.io/docs/formats/zng), output with [`zq`](https://zed.brimdata.io/docs/commands/zq)'s default LZ4-compressed format | +| [zng-uncompressed/](zng-uncompressed) | Binary 
[ZNG](https://zed.brimdata.io/docs/formats/zng), output with [`zq`](https://zed.brimdata.io/docs/commands/zq)'s option `-zng.compress=false` to disable compression | +| [zson/](zson) | [ZSON](https://zed.brimdata.io/docs/formats/zson), a Zed text output format that has the look and feel of JSON | -The examples in the [`zq`](https://github.com/brimdata/zq) documentation are based on this sample data. +This sample data is used frequently for a [simple Zed performance test](https://github.com/brimdata/zed/blob/main/performance/README.md) and to [check for unexpected changes in the Zed output formats](https://github.com/brimdata/zed/blob/main/scripts/output-check.sh). # Downloading 
@@ -32,10 +32,11 @@ We would like to express our thanks to the WRCCDC for generously making their pa # Creation -The data set was made from the several PCAP files in the 2018 set. [Zeek v3.0.0](https://github.com/zeek/zeek/releases/tag/v3.0.0) was used in its default configuration with the only change being the addition/enabling of the [JSON Streaming Logs](https://github.com/corelight/json-streaming-logs) package. The packet captures were then processed via the command-line: +The data set was made from the several PCAP files in the 2018 set. [Zeek v6.2.0](https://github.com/zeek/zeek/releases/tag/v6.2.0) was used in its default configuration with the only change being the addition/enabling of the [JSON Streaming Logs](https://github.com/corelight/json-streaming-logs) package. The packet captures were then processed via the command-lines: ``` -# zeek -r wrccdc.2018-03-24.101533000000000.pcap -r wrccdc.2018-03-24.101551000000000.pcap -r wrccdc.2018-03-24.101610000000000.pcap -r wrccdc.2018-03-24.101629000000000.pcap -r wrccdc.2018-03-24.101737000000000.pcap -r wrccdc.2018-03-24.101939000000000.pcap -r wrccdc.2018-03-24.102051000000000.pcap -r wrccdc.2018-03-24.102126000000000.pcap -r wrccdc.2018-03-24.102233000000000.pcap -r wrccdc.2018-03-24.102443000000000.pcap -r wrccdc.2018-03-24.102602000000000.pcap -r wrccdc.2018-03-24.102643000000000.pcap -r wrccdc.2018-03-24.102717000000000.pcap -r wrccdc.2018-03-24.102733000000000.pcap -r wrccdc.2018-03-24.102747000000000.pcap -r wrccdc.2018-03-24.102831000000000.pcap -r wrccdc.2018-03-24.102920000000000.pcap -r wrccdc.2018-03-24.103009000000000.pcap -r wrccdc.2018-03-24.103049000000000.pcap -r wrccdc.2018-03-24.103117000000000.pcap -r wrccdc.2018-03-24.103152000000000.pcap -r wrccdc.2018-03-24.103210000000000.pcap -r wrccdc.2018-03-24.103224000000000.pcap -r wrccdc.2018-03-24.103256000000000.pcap -r wrccdc.2018-03-24.103420000000000.pcap -r wrccdc.2018-03-24.103630000000000.pcap local +# mergecap -w wrccdc.pcap 
wrccdc.2018-03-24.10*.pcap +# zeek -r wrccdc.pcap local "JSONStreaming::enable_log_rotation=F" ``` This produced the logs in Zeek default and NDJSON formats. As ZNG and ZSON are not yet output directly by Zeek, these logs were created by sending each Zeek default log through `zq`, e.g.: @@ -51,7 +52,7 @@ done # mkdir -p zng-uncompressed && \ for file in zeek-default/* do - zq -f zng -znglz4blocksize 0 "$file" \ + zq -f zng -zng.compress=false "$file" \ | gzip -n > zng-uncompressed/"$(basename "$file" | sed 's/\.log\.gz//')".zng.gz done diff --git a/md5sums/zng b/md5sums/zng index fb3aca3..abb43c7 100644 --- a/md5sums/zng +++ b/md5sums/zng 
@@ -1,26 +1,36 @@ -capture_loss:92d8a8a18041bf6d78189209f02c0a4c -conn:e99dbfb54e94eeae920a43f547c895f6 -dce_rpc:c549ee801fc2da05b80473514a07ff95 -dns:dabd4161e30a2c4e2b63bee19c7c395f -dpd:415cbbeed3fd0aeb97db1570d6c1b4db -files:cba7951023c2848c2f76ce4de02e48c2 -ftp:e0e4f49f78fd6dae9a03fd007c1169e5 -http:a10a889fd2b1ad1e42ab066340c2b4db -kerberos:c7b06cdd7163c0cf4266c9ac3707fe3c -modbus:5966d60603d808277e64cd98536483dc -notice:914c1b2d07b1370917274e0181afcabf -ntlm:4eaab977262ad8ac383a73e5edae4772 -ntp:1965e75929f758481dd356cb0d1aeb1a -pe:66d56f07d716f4b8a5f6a5693c689243 -rdp:0a3c1a1126dba7115c11729055d56108 -rfb:748927832a4565831d77535425038eec -smb_files:37e68052fb17e824e49fe9ed3ed6ff9c -smb_mapping:15fe54ab465b2d422b2aa48bcd78c8e1 -smtp:e95e25762333c01ae04b1159ca1c1b53 -snmp:04941d296dfd10fd1067adadab284c1e -ssh:6ff6ec00c4c56b216aab75a9a567784f -ssl:d1bf2b87d4b32f54c4dd4d832028a446 -stats:703de2dcf341d4bd35f04d3b89877333 -syslog:439ea964973d00e2b44a4e02d8179fd8 -weird:528b0a6d4da21b8d992733b4046d8a6e -x509:c0ad02d20e1d1fe44a38eed33db876ca +analyzer:8aabe65742d17209804cef57340000c0 +capture_loss:4c602cc3dabfc4b8e9f6590f8e2edaf5 +conn:13ee6718dd47a457b87cd48748079a96 +dce_rpc:89d560f929c8726296a0279ecbdeccd0 +dns:fd68bcf09ec7c5480eb56a97205f0c91 +dpd:42355ff39603b66e98693fadfecb08c1 +files:c87972623363eaa2b90eb14f4ee60898 +ftp:60cad16dc98ec45c1792f76f03898d7a +http:c13ce9f137713f97e11366ad46447ebd +kerberos:807fb7ab546872314cf56a81a9452457 +known_certs:1bf4100c4edcfe8e8c819a65ae3423b7 +known_hosts:0bb1508e381a43b229860abeeb019696 +known_services:bc0f9f36b27eaa3cea2b4ad2079acd0f +ldap_search:d6f0deb6fe127fc522a880bb7e7ef519 +loaded_scripts:2899424f4186608043b756b86d550613 +modbus:84222a4092c1454f92e731c9590f7619 +notice:bc588f0c7ee88aaa4fff4be3ce5fe9bd +ntlm:62bb78d857dbb73ad46ae396a8e1f7f9 +ntp:aadec415f2f99bad712a30783d7cf628 +ocsp:925a27aa2c7cea41d5a8293d8732ba7a +packet_filter:f68f0e0e90ceef7430709eacca2a99d0 +pe:b7ec4772500a37d9749cd3d2a319057e 
+rdp:bb336a12284ed030308d213db17b19a4 +rfb:aa2f693c7a248e74ca538d78600f9d08 +smb_files:731f24a9b94e44a3e4ffed9428e54537 +smb_mapping:fef339193c461065094dafcb431d313b +smtp:146ca6250cbd5c2a98e80a003c023daf +snmp:49361b2e719d0d2f4a3d6e6b5b7b0109 +software:beb09ed984838ba1f022494bac367a2c +ssh:14936440c89dee472b2b69c5bc7275db +ssl:189b6d69f5d11b81395c7710e8ab30e7 +stats:fda885f95d87571f67af387147c5f6be +syslog:f5222f238f183f2aae0a571ef45241a9 +telemetry:4df9fc9bc4a2b02b8a203dc24713fb70 +weird:d1846377524223d74f637fb900da4679 +x509:f6aecda3c1c59e672452b00022c2389f diff --git a/md5sums/zng-uncompressed b/md5sums/zng-uncompressed index fa18a19..ae5d0e7 100644 --- a/md5sums/zng-uncompressed +++ b/md5sums/zng-uncompressed 
@@ -1,26 +1,36 @@ -capture_loss:8c99546a1aeed2313c2d28d50f0cfa42 -conn:52228363b66032359e6657094b14751b -dce_rpc:6db758881ad2ccffa351dfe466ae6421 -dns:86e23c6deeaf6cab40ddbb443cbf62e3 -dpd:a7ecba1624fdc8ed4eb68baecb8b9493 -files:b1a39a74b9f676f817aaba473deb7231 -ftp:e09d2931367872d69edfdbdd5599b453 -http:cbb9d1f4a0c42d1824a0c854d7def527 -kerberos:c92657bfd4b8ff0bcd80a1903cc3c08d -modbus:c60e84b4f2b4c187d8628b5409fd956d -notice:bbac823c53af63fe36a403f7c45b8948 -ntlm:b3422234680d1854493c37ee270ceffe -ntp:a1d1ad10013488b0326b1eba8e27a820 -pe:eb399e9aa21c070789c80f8609d02139 -rdp:330810f6b929cf04d6e3caf55eef0084 -rfb:4d1cb20ea46d0e9728227bebac1ac3ac -smb_files:3c8fbacdeb679e4cbab80db0e0107abe -smb_mapping:05238ef87675caeaaa9d9d3bce89ab6e -smtp:f3999eead10760d5a977bb45a407b684 -snmp:58eb8d5f15377fa89798a27dab3c1218 -ssh:968183abf6f95045ebfc5dc2ed8aa2b4 -ssl:d50369cdf62fbdcb09c38b2e0f8813eb -stats:c4e4f9839a6b6af08b79883271dbd957 -syslog:7a3b95d664976ba5635e3c9022a52653 -weird:2e41209da9bb6261ea2acb675e48c1bf -x509:acb0e0f64de362706ff91d0f1d0dfd71 +analyzer:eadad5f34cbf5377e4d2649ff3a64c22 +capture_loss:7eb7696589743190ae1877b7221d5b9f +conn:827d87080581919ad65bba8a77af7eab +dce_rpc:102b4bc3bdb0396e18fe5cd2f0eb3e2e +dns:ddf5276a71e65f1695468c5486e54d59 +dpd:dd88cf568fd82f96dae43fb34fe622e4 +files:43bf9323f2e72c9e72ac4ca3d8b52f05 +ftp:e3732ee28410b84e6e1ef13627effcb1 +http:42a35c1a19aa63f1db16fbd1b723e56a +kerberos:da961c2d1a8d3338056f32f8eaa8ee2e +known_certs:1a3715788e5251c34c7cb80cf3448cd7 +known_hosts:3e19559838d498a4441c4df3178a8af6 +known_services:035b732158ff1cd3526b500f093fb2ba +ldap_search:7a2e8f874c836ec921eab7889be39d67 +loaded_scripts:ef7262ebbcf33a8fe8fdb28b41389c71 +modbus:2439ed3a00bb8a90ac025266eab98950 +notice:eab9ef9a257dde728b3a54ab2b902ba9 +ntlm:2092ad9c3d5559275cab80a89058c453 +ntp:f64f042ac25c196d2871262f9e723488 +ocsp:6d8ea1ccfb4a79d443538101c842507e +packet_filter:f68f0e0e90ceef7430709eacca2a99d0 +pe:ee45975f85dff4f651eaea79d4d766e4 
+rdp:8e84327004b7999bd43323089f95901d +rfb:7ddd7f32f5f8c9c5a57f0b7489c9791b +smb_files:04efab1c4e40e4c49f6f5066bfbdc0d7 +smb_mapping:e200c495e0b36952fea8408543160ba6 +smtp:3bd56fbf9d56853d3ca762631b65162d +snmp:3e1225654b0a7f49e26bbd6765578b06 +software:4e879757964c988631edcbd8f0614561 +ssh:064d63df6216d4ca86da5d74ee9f31db +ssl:eef46cf85a047d160ef8a23090cb231f +stats:6008aa1924d8145501cad380226b426c +syslog:1ef23c05b506b7746e7d179d8f02bc7e +telemetry:68d3e44db7ceafcd09be5ac3b48903a9 +weird:a238ebdcbda477dffef3841ba1f3dde1 +x509:862c49277511a9059a5a3b2cfc82e3b2 diff --git a/md5sums/zson b/md5sums/zson index c4742a4..6d7e65e 100644 --- a/md5sums/zson +++ b/md5sums/zson 
@@ -1,26 +1,36 @@ -capture_loss:61984a52237002e0ff0ae09e0d2ee1df -conn:6c2a7c65a67d9f2bc32fc248c40c9a17 -dce_rpc:b96e407dcd00b5241dcaa89e1018027f -dns:f9249e8f5caed88e48635ef8f6945d94 -dpd:b9e97805cbbfd3916ab4f08e978f4608 -files:03b9a432eddbc7ebb5363cf38fcbf987 -ftp:5d20c4d3510e0f9e99f539fdfbe9852d -http:d463d48ba9dcd87cd061246af22cddef -kerberos:cb5bf0c11f265bcd491a732983db34ab -modbus:a51757f55d284eaa3e6c6dcd84652867 -notice:48e1bc3fa6f12a090e3dd660d60f9ffe -ntlm:2ef3f4aaed1f43d22352534ba653752b -ntp:a6feb1eda43f0a6fae12369483cd0975 -pe:1e263b8b412e6a690e7f35f7b8c162df -rdp:572cead5bce7c87e6f9f0fb6c7bdb34a -rfb:2b89d77d8b0f08e4321e0646573bf5a7 -smb_files:2185d72bff4bfadff8cdb3438fb1f440 -smb_mapping:2d3d49612f1ee4543321d4c91d38c706 -smtp:6732f6b16a6850f7f7f6334c1759c083 -snmp:0699499bae41d9764044f7d06e80c995 -ssh:8ae5706fe68ff7ee723d0fa5e4dae666 -ssl:ce05238450b17c79217c0b6e6fa79a15 -stats:ec7725d96c62b18b07f30ad5af258a56 -syslog:4939f38e152e73b26f21a1d9710737b1 -weird:7423ca863e0d3e33f1e3701e2a54031f -x509:018916280c61b4f19e19d63c725c7560 +analyzer:cd833c75b5a9bbab3116303fbd4dd086 +capture_loss:1af8d95416dd81c8b0e2cb5cac76b13e +conn:81f064849ca31eaca68aeeef12427abd +dce_rpc:452fbd9bc1502df2a5972785fec9edf2 +dns:695ba5d93931bba71f060a880a1e9826 +dpd:c8b54ae460f683bba5915c5418fc3b88 +files:8f90253de557320a29b2d408f66b82f5 +ftp:c660c8cd8f6946d6dfa06687831a6492 +http:50bf245387cf0b6697a31ccc45d44a4d +kerberos:6b347fcab133c39ac1ae37b86e243271 +known_certs:fd9c565c14af88296587f6f151e97620 +known_hosts:d4e2c77cc918b0de53fc0a297fbb414d +known_services:69ac9931de9d669a1596a1703e1e088b +ldap_search:502af7e9d108331c9cc0b35b7722249d +loaded_scripts:9f3c4837a67b685fcebb087429b3bfd5 +modbus:bac07bc6c1001653b48a554514930462 +notice:8fee58b9d39338723f7e74ca8c839460 +ntlm:7054853cee7569f68afd06bfb861c76f +ntp:ffc58810ce34b13d8e79d3269954f138 +ocsp:c343fa77bd761c74f974bb87a33422f8 +packet_filter:5f5ed76947f7356b9c43774c2ef18a09 +pe:7aab500874a553e6ac620f76813527d6 
+rdp:7d3b63b3c209588278905c09f49baeb3 +rfb:88e802e3b6289ab0790b9e9b1814bc51 +smb_files:447f2314dfcd679b17817bbfee2caf76 +smb_mapping:7f9fa834e22b86120deaa1d5c7b1e0c3 +smtp:3b97a737e3e30fc4f45d2677093fefc2 +snmp:d3acf74f79be8d661f16d8477311cfe5 +software:4118d60d162698471ac990946c8dae1e +ssh:10fb1986ee3de9228ab51b60f367bb90 +ssl:1581232ec414e70cc3c6d8b89d8563bc +stats:42ec309a5d469228c26a8bfd02b0dd9e +syslog:8c759a8eed42a67eb3f3d549fdde5ae1 +telemetry:5c80902b58abb91080557351fc25dbe8 +weird:c41b087af30fb29173687ff7a017a608 +x509:f235c158236883cebcfc8e8af2a69385 diff --git a/zeek-default/analyzer.log.gz b/zeek-default/analyzer.log.gz new file mode 100644 index 0000000..68ef90d Binary files /dev/null and b/zeek-default/analyzer.log.gz differ diff --git a/zeek-default/capture_loss.log.gz b/zeek-default/capture_loss.log.gz index 215486a..9b3cb55 100644 Binary files a/zeek-default/capture_loss.log.gz and b/zeek-default/capture_loss.log.gz differ diff --git a/zeek-default/conn.log.gz b/zeek-default/conn.log.gz index adfabe7..a44f3ee 100644 Binary files a/zeek-default/conn.log.gz and b/zeek-default/conn.log.gz differ diff --git a/zeek-default/dce_rpc.log.gz b/zeek-default/dce_rpc.log.gz index 74d82db..877ee34 100644 Binary files a/zeek-default/dce_rpc.log.gz and b/zeek-default/dce_rpc.log.gz differ diff --git a/zeek-default/dns.log.gz b/zeek-default/dns.log.gz index d387c19..094455d 100644 Binary files a/zeek-default/dns.log.gz and b/zeek-default/dns.log.gz differ diff --git a/zeek-default/dpd.log.gz b/zeek-default/dpd.log.gz index 492d601..94676e8 100644 Binary files a/zeek-default/dpd.log.gz and b/zeek-default/dpd.log.gz differ diff --git a/zeek-default/files.log.gz b/zeek-default/files.log.gz index a4253ab..b02cca8 100644 Binary files a/zeek-default/files.log.gz and b/zeek-default/files.log.gz differ diff --git a/zeek-default/ftp.log.gz b/zeek-default/ftp.log.gz index 7282b66..36cd256 100644 Binary files a/zeek-default/ftp.log.gz and b/zeek-default/ftp.log.gz differ 
diff --git a/zeek-default/http.log.gz b/zeek-default/http.log.gz index 16def84..f399dfc 100644 Binary files a/zeek-default/http.log.gz and b/zeek-default/http.log.gz differ diff --git a/zeek-default/kerberos.log.gz b/zeek-default/kerberos.log.gz index ce4a82c..cdf8de2 100644 Binary files a/zeek-default/kerberos.log.gz and b/zeek-default/kerberos.log.gz differ diff --git a/zeek-default/known_certs.log.gz b/zeek-default/known_certs.log.gz new file mode 100644 index 0000000..0c6f7f9 Binary files /dev/null and b/zeek-default/known_certs.log.gz differ diff --git a/zeek-default/known_hosts.log.gz b/zeek-default/known_hosts.log.gz new file mode 100644 index 0000000..8e00960 Binary files /dev/null and b/zeek-default/known_hosts.log.gz differ diff --git a/zeek-default/known_services.log.gz b/zeek-default/known_services.log.gz new file mode 100644 index 0000000..ffb2318 Binary files /dev/null and b/zeek-default/known_services.log.gz differ diff --git a/zeek-default/ldap_search.log.gz b/zeek-default/ldap_search.log.gz new file mode 100644 index 0000000..20c0203 Binary files /dev/null and b/zeek-default/ldap_search.log.gz differ diff --git a/zeek-default/loaded_scripts.log.gz b/zeek-default/loaded_scripts.log.gz new file mode 100644 index 0000000..286dc4c Binary files /dev/null and b/zeek-default/loaded_scripts.log.gz differ diff --git a/zeek-default/modbus.log.gz b/zeek-default/modbus.log.gz index d3f8a22..006d204 100644 Binary files a/zeek-default/modbus.log.gz and b/zeek-default/modbus.log.gz differ diff --git a/zeek-default/notice.log.gz b/zeek-default/notice.log.gz index 1e0a12c..356de4b 100644 Binary files a/zeek-default/notice.log.gz and b/zeek-default/notice.log.gz differ diff --git a/zeek-default/ntlm.log.gz b/zeek-default/ntlm.log.gz index f4eaf51..8f6cbc0 100644 Binary files a/zeek-default/ntlm.log.gz and b/zeek-default/ntlm.log.gz differ 
diff --git a/zeek-default/ntp.log.gz b/zeek-default/ntp.log.gz index 73d85e2..05159da 100644 Binary files a/zeek-default/ntp.log.gz and b/zeek-default/ntp.log.gz differ diff --git a/zeek-default/ocsp.log.gz b/zeek-default/ocsp.log.gz new file mode 100644 index 0000000..0137c2f Binary files /dev/null and b/zeek-default/ocsp.log.gz differ diff --git a/zeek-default/packet_filter.log.gz b/zeek-default/packet_filter.log.gz new file mode 100644 index 0000000..23b52e8 Binary files /dev/null and b/zeek-default/packet_filter.log.gz differ diff --git a/zeek-default/pe.log.gz b/zeek-default/pe.log.gz index 0597105..4a4a39b 100644 Binary files a/zeek-default/pe.log.gz and b/zeek-default/pe.log.gz differ diff --git a/zeek-default/rdp.log.gz b/zeek-default/rdp.log.gz index 17629fe..c2ecb8a 100644 Binary files a/zeek-default/rdp.log.gz and b/zeek-default/rdp.log.gz differ diff --git a/zeek-default/rfb.log.gz b/zeek-default/rfb.log.gz index 94d0f25..7b62048 100644 Binary files a/zeek-default/rfb.log.gz and b/zeek-default/rfb.log.gz differ diff --git a/zeek-default/smb_files.log.gz b/zeek-default/smb_files.log.gz index 69a141b..fd3a23e 100644 Binary files a/zeek-default/smb_files.log.gz and b/zeek-default/smb_files.log.gz differ diff --git a/zeek-default/smb_mapping.log.gz b/zeek-default/smb_mapping.log.gz index 30cf7a0..bbee6b7 100644 Binary files a/zeek-default/smb_mapping.log.gz and b/zeek-default/smb_mapping.log.gz differ diff --git a/zeek-default/smtp.log.gz b/zeek-default/smtp.log.gz index f912150..6c43425 100644 Binary files a/zeek-default/smtp.log.gz and b/zeek-default/smtp.log.gz differ diff --git a/zeek-default/snmp.log.gz b/zeek-default/snmp.log.gz index 5c25adb..010100d 100644 Binary files a/zeek-default/snmp.log.gz and b/zeek-default/snmp.log.gz differ diff --git a/zeek-default/software.log.gz b/zeek-default/software.log.gz new file mode 100644 index 0000000..5dc1618 Binary files /dev/null and b/zeek-default/software.log.gz differ 
diff --git a/zeek-default/ssh.log.gz b/zeek-default/ssh.log.gz index 71be5c4..5abf559 100644 Binary files a/zeek-default/ssh.log.gz and b/zeek-default/ssh.log.gz differ diff --git a/zeek-default/ssl.log.gz b/zeek-default/ssl.log.gz index 7918fde..4f2aa28 100644 Binary files a/zeek-default/ssl.log.gz and b/zeek-default/ssl.log.gz differ diff --git a/zeek-default/stats.log.gz b/zeek-default/stats.log.gz index 5a4e164..e132961 100644 Binary files a/zeek-default/stats.log.gz and b/zeek-default/stats.log.gz differ diff --git a/zeek-default/syslog.log.gz b/zeek-default/syslog.log.gz index 427645e..c0ac043 100644 Binary files a/zeek-default/syslog.log.gz and b/zeek-default/syslog.log.gz differ diff --git a/zeek-default/telemetry.log.gz b/zeek-default/telemetry.log.gz new file mode 100644 index 0000000..e3d13c7 Binary files /dev/null and b/zeek-default/telemetry.log.gz differ diff --git a/zeek-default/weird.log.gz b/zeek-default/weird.log.gz index a3009b3..70bfdbe 100644 Binary files a/zeek-default/weird.log.gz and b/zeek-default/weird.log.gz differ diff --git a/zeek-default/x509.log.gz b/zeek-default/x509.log.gz index 7ee9bb9..9db9bf0 100644 Binary files a/zeek-default/x509.log.gz and b/zeek-default/x509.log.gz differ diff --git a/zeek-ndjson/analyzer.ndjson.gz b/zeek-ndjson/analyzer.ndjson.gz new file mode 100644 index 0000000..a8d7c07 Binary files /dev/null and b/zeek-ndjson/analyzer.ndjson.gz differ diff --git a/zeek-ndjson/capture_loss.ndjson.gz b/zeek-ndjson/capture_loss.ndjson.gz index f7e06b8..8d984ba 100644 Binary files a/zeek-ndjson/capture_loss.ndjson.gz and b/zeek-ndjson/capture_loss.ndjson.gz differ diff --git a/zeek-ndjson/conn.ndjson.gz b/zeek-ndjson/conn.ndjson.gz index f4df6ea..fb0cb0a 100644 Binary files a/zeek-ndjson/conn.ndjson.gz and b/zeek-ndjson/conn.ndjson.gz differ 
diff --git a/zeek-ndjson/dce_rpc.ndjson.gz b/zeek-ndjson/dce_rpc.ndjson.gz index 351b540..96c579e 100644 Binary files a/zeek-ndjson/dce_rpc.ndjson.gz and b/zeek-ndjson/dce_rpc.ndjson.gz differ diff --git a/zeek-ndjson/dns.ndjson.gz b/zeek-ndjson/dns.ndjson.gz index c176f4b..891330c 100644 Binary files a/zeek-ndjson/dns.ndjson.gz and b/zeek-ndjson/dns.ndjson.gz differ diff --git a/zeek-ndjson/dpd.ndjson.gz b/zeek-ndjson/dpd.ndjson.gz index 98aa644..aa82a0b 100644 Binary files a/zeek-ndjson/dpd.ndjson.gz and b/zeek-ndjson/dpd.ndjson.gz differ diff --git a/zeek-ndjson/files.ndjson.gz b/zeek-ndjson/files.ndjson.gz index 7a9a092..501f7da 100644 Binary files a/zeek-ndjson/files.ndjson.gz and b/zeek-ndjson/files.ndjson.gz differ diff --git a/zeek-ndjson/ftp.ndjson.gz b/zeek-ndjson/ftp.ndjson.gz index 2cedfbd..a91215e 100644 Binary files a/zeek-ndjson/ftp.ndjson.gz and b/zeek-ndjson/ftp.ndjson.gz differ diff --git a/zeek-ndjson/http.ndjson.gz b/zeek-ndjson/http.ndjson.gz index 890ead8..a8732dc 100644 Binary files a/zeek-ndjson/http.ndjson.gz and b/zeek-ndjson/http.ndjson.gz differ diff --git a/zeek-ndjson/kerberos.ndjson.gz b/zeek-ndjson/kerberos.ndjson.gz index 1cbed4d..205d76c 100644 Binary files a/zeek-ndjson/kerberos.ndjson.gz and b/zeek-ndjson/kerberos.ndjson.gz differ diff --git a/zeek-ndjson/known_certs.ndjson.gz b/zeek-ndjson/known_certs.ndjson.gz new file mode 100644 index 0000000..180a3d8 Binary files /dev/null and b/zeek-ndjson/known_certs.ndjson.gz differ diff --git a/zeek-ndjson/known_hosts.ndjson.gz b/zeek-ndjson/known_hosts.ndjson.gz new file mode 100644 index 0000000..c8dc660 Binary files /dev/null and b/zeek-ndjson/known_hosts.ndjson.gz differ diff --git a/zeek-ndjson/known_services.ndjson.gz b/zeek-ndjson/known_services.ndjson.gz new file mode 100644 index 0000000..9df53b7 Binary files /dev/null and b/zeek-ndjson/known_services.ndjson.gz differ 
diff --git a/zeek-ndjson/ldap_search.ndjson.gz b/zeek-ndjson/ldap_search.ndjson.gz new file mode 100644 index 0000000..f64e655 Binary files /dev/null and b/zeek-ndjson/ldap_search.ndjson.gz differ diff --git a/zeek-ndjson/loaded_scripts.ndjson.gz b/zeek-ndjson/loaded_scripts.ndjson.gz new file mode 100644 index 0000000..7d8d436 Binary files /dev/null and b/zeek-ndjson/loaded_scripts.ndjson.gz differ diff --git a/zeek-ndjson/modbus.ndjson.gz b/zeek-ndjson/modbus.ndjson.gz index 2b1c489..0480cc2 100644 Binary files a/zeek-ndjson/modbus.ndjson.gz and b/zeek-ndjson/modbus.ndjson.gz differ diff --git a/zeek-ndjson/notice.ndjson.gz b/zeek-ndjson/notice.ndjson.gz index badd6f3..3153faf 100644 Binary files a/zeek-ndjson/notice.ndjson.gz and b/zeek-ndjson/notice.ndjson.gz differ diff --git a/zeek-ndjson/ntlm.ndjson.gz b/zeek-ndjson/ntlm.ndjson.gz index 9b493f9..2b3939c 100644 Binary files a/zeek-ndjson/ntlm.ndjson.gz and b/zeek-ndjson/ntlm.ndjson.gz differ diff --git a/zeek-ndjson/ntp.ndjson.gz b/zeek-ndjson/ntp.ndjson.gz index fc7db41..46d7344 100644 Binary files a/zeek-ndjson/ntp.ndjson.gz and b/zeek-ndjson/ntp.ndjson.gz differ diff --git a/zeek-ndjson/ocsp.ndjson.gz b/zeek-ndjson/ocsp.ndjson.gz new file mode 100644 index 0000000..dcfe3b4 Binary files /dev/null and b/zeek-ndjson/ocsp.ndjson.gz differ diff --git a/zeek-ndjson/packet_filter.ndjson.gz b/zeek-ndjson/packet_filter.ndjson.gz new file mode 100644 index 0000000..03f5ec0 Binary files /dev/null and b/zeek-ndjson/packet_filter.ndjson.gz differ diff --git a/zeek-ndjson/pe.ndjson.gz b/zeek-ndjson/pe.ndjson.gz index 3d5aa20..c2e8a5e 100644 Binary files a/zeek-ndjson/pe.ndjson.gz and b/zeek-ndjson/pe.ndjson.gz differ diff --git a/zeek-ndjson/rdp.ndjson.gz b/zeek-ndjson/rdp.ndjson.gz index 12fd3b2..162727d 100644 Binary files a/zeek-ndjson/rdp.ndjson.gz and b/zeek-ndjson/rdp.ndjson.gz differ 
diff --git a/zeek-ndjson/rfb.ndjson.gz b/zeek-ndjson/rfb.ndjson.gz index 3a4ef39..246ad35 100644 Binary files a/zeek-ndjson/rfb.ndjson.gz and b/zeek-ndjson/rfb.ndjson.gz differ diff --git a/zeek-ndjson/smb_files.ndjson.gz b/zeek-ndjson/smb_files.ndjson.gz index 792d587..2fd2e62 100644 Binary files a/zeek-ndjson/smb_files.ndjson.gz and b/zeek-ndjson/smb_files.ndjson.gz differ diff --git a/zeek-ndjson/smb_mapping.ndjson.gz b/zeek-ndjson/smb_mapping.ndjson.gz index dc5ddaf..97fe101 100644 Binary files a/zeek-ndjson/smb_mapping.ndjson.gz and b/zeek-ndjson/smb_mapping.ndjson.gz differ diff --git a/zeek-ndjson/smtp.ndjson.gz b/zeek-ndjson/smtp.ndjson.gz index ad8f416..03693d6 100644 Binary files a/zeek-ndjson/smtp.ndjson.gz and b/zeek-ndjson/smtp.ndjson.gz differ diff --git a/zeek-ndjson/snmp.ndjson.gz b/zeek-ndjson/snmp.ndjson.gz index 16aeeaf..10ae5c1 100644 Binary files a/zeek-ndjson/snmp.ndjson.gz and b/zeek-ndjson/snmp.ndjson.gz differ diff --git a/zeek-ndjson/software.ndjson.gz b/zeek-ndjson/software.ndjson.gz new file mode 100644 index 0000000..303d63c Binary files /dev/null and b/zeek-ndjson/software.ndjson.gz differ diff --git a/zeek-ndjson/ssh.ndjson.gz b/zeek-ndjson/ssh.ndjson.gz index a16326d..e57aa12 100644 Binary files a/zeek-ndjson/ssh.ndjson.gz and b/zeek-ndjson/ssh.ndjson.gz differ diff --git a/zeek-ndjson/ssl.ndjson.gz b/zeek-ndjson/ssl.ndjson.gz index 0c18e1b..5122a6e 100644 Binary files a/zeek-ndjson/ssl.ndjson.gz and b/zeek-ndjson/ssl.ndjson.gz differ diff --git a/zeek-ndjson/stats.ndjson.gz b/zeek-ndjson/stats.ndjson.gz index 1657d43..7252058 100644 Binary files a/zeek-ndjson/stats.ndjson.gz and b/zeek-ndjson/stats.ndjson.gz differ diff --git a/zeek-ndjson/syslog.ndjson.gz b/zeek-ndjson/syslog.ndjson.gz index dfd93e4..80c5710 100644 Binary files a/zeek-ndjson/syslog.ndjson.gz and b/zeek-ndjson/syslog.ndjson.gz differ 
diff --git a/zeek-ndjson/telemetry.ndjson.gz b/zeek-ndjson/telemetry.ndjson.gz new file mode 100644 index 0000000..0df8bfd Binary files /dev/null and b/zeek-ndjson/telemetry.ndjson.gz differ diff --git a/zeek-ndjson/weird.ndjson.gz b/zeek-ndjson/weird.ndjson.gz index 8092e8c..6d38b57 100644 Binary files a/zeek-ndjson/weird.ndjson.gz and b/zeek-ndjson/weird.ndjson.gz differ diff --git a/zeek-ndjson/x509.ndjson.gz b/zeek-ndjson/x509.ndjson.gz index 36af496..a4d45fe 100644 Binary files a/zeek-ndjson/x509.ndjson.gz and b/zeek-ndjson/x509.ndjson.gz differ diff --git a/zng-uncompressed/analyzer.zng.gz b/zng-uncompressed/analyzer.zng.gz new file mode 100644 index 0000000..b6570ad Binary files /dev/null and b/zng-uncompressed/analyzer.zng.gz differ diff --git a/zng-uncompressed/capture_loss.zng.gz b/zng-uncompressed/capture_loss.zng.gz index 7b369be..4980a87 100644 Binary files a/zng-uncompressed/capture_loss.zng.gz and b/zng-uncompressed/capture_loss.zng.gz differ diff --git a/zng-uncompressed/conn.zng.gz b/zng-uncompressed/conn.zng.gz index dac3788..ad8bc2f 100644 Binary files a/zng-uncompressed/conn.zng.gz and b/zng-uncompressed/conn.zng.gz differ diff --git a/zng-uncompressed/dce_rpc.zng.gz b/zng-uncompressed/dce_rpc.zng.gz index ee6afcb..2d38997 100644 Binary files a/zng-uncompressed/dce_rpc.zng.gz and b/zng-uncompressed/dce_rpc.zng.gz differ diff --git a/zng-uncompressed/dns.zng.gz b/zng-uncompressed/dns.zng.gz index ababe95..3745370 100644 Binary files a/zng-uncompressed/dns.zng.gz and b/zng-uncompressed/dns.zng.gz differ diff --git a/zng-uncompressed/dpd.zng.gz b/zng-uncompressed/dpd.zng.gz index e8a1f43..1b5f877 100644 Binary files a/zng-uncompressed/dpd.zng.gz and b/zng-uncompressed/dpd.zng.gz differ diff --git a/zng-uncompressed/files.zng.gz b/zng-uncompressed/files.zng.gz index 1809567..8e2e342 100644 Binary files a/zng-uncompressed/files.zng.gz and b/zng-uncompressed/files.zng.gz differ 
diff --git a/zng-uncompressed/ftp.zng.gz b/zng-uncompressed/ftp.zng.gz index f66c910..00a4110 100644 Binary files a/zng-uncompressed/ftp.zng.gz and b/zng-uncompressed/ftp.zng.gz differ diff --git a/zng-uncompressed/http.zng.gz b/zng-uncompressed/http.zng.gz index a253287..c717912 100644 Binary files a/zng-uncompressed/http.zng.gz and b/zng-uncompressed/http.zng.gz differ diff --git a/zng-uncompressed/kerberos.zng.gz b/zng-uncompressed/kerberos.zng.gz index 4004801..5a9015c 100644 Binary files a/zng-uncompressed/kerberos.zng.gz and b/zng-uncompressed/kerberos.zng.gz differ diff --git a/zng-uncompressed/known_certs.zng.gz b/zng-uncompressed/known_certs.zng.gz new file mode 100644 index 0000000..f79b9ab Binary files /dev/null and b/zng-uncompressed/known_certs.zng.gz differ diff --git a/zng-uncompressed/known_hosts.zng.gz b/zng-uncompressed/known_hosts.zng.gz new file mode 100644 index 0000000..186ab57 Binary files /dev/null and b/zng-uncompressed/known_hosts.zng.gz differ diff --git a/zng-uncompressed/known_services.zng.gz b/zng-uncompressed/known_services.zng.gz new file mode 100644 index 0000000..33c0781 Binary files /dev/null and b/zng-uncompressed/known_services.zng.gz differ diff --git a/zng-uncompressed/ldap_search.zng.gz b/zng-uncompressed/ldap_search.zng.gz new file mode 100644 index 0000000..254fc9f Binary files /dev/null and b/zng-uncompressed/ldap_search.zng.gz differ diff --git a/zng-uncompressed/loaded_scripts.zng.gz b/zng-uncompressed/loaded_scripts.zng.gz new file mode 100644 index 0000000..5bbef6c Binary files /dev/null and b/zng-uncompressed/loaded_scripts.zng.gz differ diff --git a/zng-uncompressed/modbus.zng.gz b/zng-uncompressed/modbus.zng.gz index b2db3e8..12f6ce7 100644 Binary files a/zng-uncompressed/modbus.zng.gz and b/zng-uncompressed/modbus.zng.gz differ 
diff --git a/zng-uncompressed/notice.zng.gz b/zng-uncompressed/notice.zng.gz index d38a9c3..953d8d0 100644 Binary files a/zng-uncompressed/notice.zng.gz and b/zng-uncompressed/notice.zng.gz differ diff --git a/zng-uncompressed/ntlm.zng.gz b/zng-uncompressed/ntlm.zng.gz index 41d7694..91cbc08 100644 Binary files a/zng-uncompressed/ntlm.zng.gz and b/zng-uncompressed/ntlm.zng.gz differ diff --git a/zng-uncompressed/ntp.zng.gz b/zng-uncompressed/ntp.zng.gz index 878ec46..6c56f73 100644 Binary files a/zng-uncompressed/ntp.zng.gz and b/zng-uncompressed/ntp.zng.gz differ diff --git a/zng-uncompressed/ocsp.zng.gz b/zng-uncompressed/ocsp.zng.gz new file mode 100644 index 0000000..7a1e23f Binary files /dev/null and b/zng-uncompressed/ocsp.zng.gz differ diff --git a/zng-uncompressed/packet_filter.zng.gz b/zng-uncompressed/packet_filter.zng.gz new file mode 100644 index 0000000..89cc1a9 Binary files /dev/null and b/zng-uncompressed/packet_filter.zng.gz differ diff --git a/zng-uncompressed/pe.zng.gz b/zng-uncompressed/pe.zng.gz index 76adf04..fb767f9 100644 Binary files a/zng-uncompressed/pe.zng.gz and b/zng-uncompressed/pe.zng.gz differ diff --git a/zng-uncompressed/rdp.zng.gz b/zng-uncompressed/rdp.zng.gz index 5dbac7b..98db089 100644 Binary files a/zng-uncompressed/rdp.zng.gz and b/zng-uncompressed/rdp.zng.gz differ diff --git a/zng-uncompressed/rfb.zng.gz b/zng-uncompressed/rfb.zng.gz index cffa7e0..999133a 100644 Binary files a/zng-uncompressed/rfb.zng.gz and b/zng-uncompressed/rfb.zng.gz differ diff --git a/zng-uncompressed/smb_files.zng.gz b/zng-uncompressed/smb_files.zng.gz index 7d1fe39..d5b0f07 100644 Binary files a/zng-uncompressed/smb_files.zng.gz and b/zng-uncompressed/smb_files.zng.gz differ diff --git a/zng-uncompressed/smb_mapping.zng.gz b/zng-uncompressed/smb_mapping.zng.gz index a7cc737..ff30042 100644 Binary files a/zng-uncompressed/smb_mapping.zng.gz and b/zng-uncompressed/smb_mapping.zng.gz differ 
diff --git a/zng-uncompressed/smtp.zng.gz b/zng-uncompressed/smtp.zng.gz index 31f6fd9..c1d789a 100644 Binary files a/zng-uncompressed/smtp.zng.gz and b/zng-uncompressed/smtp.zng.gz differ diff --git a/zng-uncompressed/snmp.zng.gz b/zng-uncompressed/snmp.zng.gz index 93e8f93..8b6f457 100644 Binary files a/zng-uncompressed/snmp.zng.gz and b/zng-uncompressed/snmp.zng.gz differ diff --git a/zng-uncompressed/software.zng.gz b/zng-uncompressed/software.zng.gz new file mode 100644 index 0000000..514f05b Binary files /dev/null and b/zng-uncompressed/software.zng.gz differ diff --git a/zng-uncompressed/ssh.zng.gz b/zng-uncompressed/ssh.zng.gz index 60cfc2b..b091fa6 100644 Binary files a/zng-uncompressed/ssh.zng.gz and b/zng-uncompressed/ssh.zng.gz differ diff --git a/zng-uncompressed/ssl.zng.gz b/zng-uncompressed/ssl.zng.gz index 4c6c0ac..fe2b26c 100644 Binary files a/zng-uncompressed/ssl.zng.gz and b/zng-uncompressed/ssl.zng.gz differ diff --git a/zng-uncompressed/stats.zng.gz b/zng-uncompressed/stats.zng.gz index e2bc659..d43db23 100644 Binary files a/zng-uncompressed/stats.zng.gz and b/zng-uncompressed/stats.zng.gz differ diff --git a/zng-uncompressed/syslog.zng.gz b/zng-uncompressed/syslog.zng.gz index aee0523..44fba37 100644 Binary files a/zng-uncompressed/syslog.zng.gz and b/zng-uncompressed/syslog.zng.gz differ diff --git a/zng-uncompressed/telemetry.zng.gz b/zng-uncompressed/telemetry.zng.gz new file mode 100644 index 0000000..d5f0cd2 Binary files /dev/null and b/zng-uncompressed/telemetry.zng.gz differ diff --git a/zng-uncompressed/weird.zng.gz b/zng-uncompressed/weird.zng.gz index 3cf7e00..dba9d59 100644 Binary files a/zng-uncompressed/weird.zng.gz and b/zng-uncompressed/weird.zng.gz differ diff --git a/zng-uncompressed/x509.zng.gz b/zng-uncompressed/x509.zng.gz index 9ddb638..69f1eaf 100644 Binary files a/zng-uncompressed/x509.zng.gz and b/zng-uncompressed/x509.zng.gz differ 
diff --git a/zng/analyzer.zng.gz b/zng/analyzer.zng.gz new file mode 100644 index 0000000..ab56fc9 Binary files /dev/null and b/zng/analyzer.zng.gz differ diff --git a/zng/capture_loss.zng.gz b/zng/capture_loss.zng.gz index 49b23ef..aed95f7 100644 Binary files a/zng/capture_loss.zng.gz and b/zng/capture_loss.zng.gz differ diff --git a/zng/conn.zng.gz b/zng/conn.zng.gz index 1a7ef88..db2db1f 100644 Binary files a/zng/conn.zng.gz and b/zng/conn.zng.gz differ diff --git a/zng/dce_rpc.zng.gz b/zng/dce_rpc.zng.gz index 9750b0a..fdf45ec 100644 Binary files a/zng/dce_rpc.zng.gz and b/zng/dce_rpc.zng.gz differ diff --git a/zng/dns.zng.gz b/zng/dns.zng.gz index 19f7e36..4372cab 100644 Binary files a/zng/dns.zng.gz and b/zng/dns.zng.gz differ diff --git a/zng/dpd.zng.gz b/zng/dpd.zng.gz index 992c45d..8b9cdd7 100644 Binary files a/zng/dpd.zng.gz and b/zng/dpd.zng.gz differ diff --git a/zng/files.zng.gz b/zng/files.zng.gz index 9ac1b2e..01d125d 100644 Binary files a/zng/files.zng.gz and b/zng/files.zng.gz differ diff --git a/zng/ftp.zng.gz b/zng/ftp.zng.gz index 7a88a2f..1469fb9 100644 Binary files a/zng/ftp.zng.gz and b/zng/ftp.zng.gz differ diff --git a/zng/http.zng.gz b/zng/http.zng.gz index 89f3032..abaf9b1 100644 Binary files a/zng/http.zng.gz and b/zng/http.zng.gz differ diff --git a/zng/kerberos.zng.gz b/zng/kerberos.zng.gz index cef7fbc..7642631 100644 Binary files a/zng/kerberos.zng.gz and b/zng/kerberos.zng.gz differ diff --git a/zng/known_certs.zng.gz b/zng/known_certs.zng.gz new file mode 100644 index 0000000..3036155 Binary files /dev/null and b/zng/known_certs.zng.gz differ diff --git a/zng/known_hosts.zng.gz b/zng/known_hosts.zng.gz new file mode 100644 index 0000000..2bedb45 Binary files /dev/null and b/zng/known_hosts.zng.gz differ diff --git a/zng/known_services.zng.gz b/zng/known_services.zng.gz new file mode 100644 index 0000000..75a5f40 Binary files /dev/null and b/zng/known_services.zng.gz differ 
diff --git a/zng/ldap_search.zng.gz b/zng/ldap_search.zng.gz new file mode 100644 index 0000000..4a7bee7 Binary files /dev/null and b/zng/ldap_search.zng.gz differ diff --git a/zng/loaded_scripts.zng.gz b/zng/loaded_scripts.zng.gz new file mode 100644 index 0000000..d976ab0 Binary files /dev/null and b/zng/loaded_scripts.zng.gz differ diff --git a/zng/modbus.zng.gz b/zng/modbus.zng.gz index 08c560e..b2e822e 100644 Binary files a/zng/modbus.zng.gz and b/zng/modbus.zng.gz differ diff --git a/zng/notice.zng.gz b/zng/notice.zng.gz index 6df56ac..65fdad8 100644 Binary files a/zng/notice.zng.gz and b/zng/notice.zng.gz differ diff --git a/zng/ntlm.zng.gz b/zng/ntlm.zng.gz index b9b6dd2..7067816 100644 Binary files a/zng/ntlm.zng.gz and b/zng/ntlm.zng.gz differ diff --git a/zng/ntp.zng.gz b/zng/ntp.zng.gz index f58ff9f..a3b313b 100644 Binary files a/zng/ntp.zng.gz and b/zng/ntp.zng.gz differ diff --git a/zng/ocsp.zng.gz b/zng/ocsp.zng.gz new file mode 100644 index 0000000..8840275 Binary files /dev/null and b/zng/ocsp.zng.gz differ diff --git a/zng/packet_filter.zng.gz b/zng/packet_filter.zng.gz new file mode 100644 index 0000000..fbd8d0b Binary files /dev/null and b/zng/packet_filter.zng.gz differ diff --git a/zng/pe.zng.gz b/zng/pe.zng.gz index d676641..f3f42bb 100644 Binary files a/zng/pe.zng.gz and b/zng/pe.zng.gz differ diff --git a/zng/rdp.zng.gz b/zng/rdp.zng.gz index 9ac25cd..0f7e7d1 100644 Binary files a/zng/rdp.zng.gz and b/zng/rdp.zng.gz differ diff --git a/zng/rfb.zng.gz b/zng/rfb.zng.gz index 170bcf6..da40fc5 100644 Binary files a/zng/rfb.zng.gz and b/zng/rfb.zng.gz differ diff --git a/zng/smb_files.zng.gz b/zng/smb_files.zng.gz index a09dbe3..50b3780 100644 Binary files a/zng/smb_files.zng.gz and b/zng/smb_files.zng.gz differ diff --git a/zng/smb_mapping.zng.gz b/zng/smb_mapping.zng.gz index bfb28f8..c0ac502 100644 Binary files a/zng/smb_mapping.zng.gz and b/zng/smb_mapping.zng.gz differ 
diff --git a/zng/smtp.zng.gz b/zng/smtp.zng.gz index 6cd5c75..765eebc 100644 Binary files a/zng/smtp.zng.gz and b/zng/smtp.zng.gz differ diff --git a/zng/snmp.zng.gz b/zng/snmp.zng.gz index 9e310e9..687acbe 100644 Binary files a/zng/snmp.zng.gz and b/zng/snmp.zng.gz differ diff --git a/zng/software.zng.gz b/zng/software.zng.gz new file mode 100644 index 0000000..b62200e Binary files /dev/null and b/zng/software.zng.gz differ diff --git a/zng/ssh.zng.gz b/zng/ssh.zng.gz index 45eb57e..d9ac0ce 100644 Binary files a/zng/ssh.zng.gz and b/zng/ssh.zng.gz differ diff --git a/zng/ssl.zng.gz b/zng/ssl.zng.gz index 626a690..1c6dec5 100644 Binary files a/zng/ssl.zng.gz and b/zng/ssl.zng.gz differ diff --git a/zng/stats.zng.gz b/zng/stats.zng.gz index 946f548..f94650d 100644 Binary files a/zng/stats.zng.gz and b/zng/stats.zng.gz differ diff --git a/zng/syslog.zng.gz b/zng/syslog.zng.gz index baec987..3c9f8db 100644 Binary files a/zng/syslog.zng.gz and b/zng/syslog.zng.gz differ diff --git a/zng/telemetry.zng.gz b/zng/telemetry.zng.gz new file mode 100644 index 0000000..d8dca86 Binary files /dev/null and b/zng/telemetry.zng.gz differ diff --git a/zng/weird.zng.gz b/zng/weird.zng.gz index f136867..e7a90b4 100644 Binary files a/zng/weird.zng.gz and b/zng/weird.zng.gz differ diff --git a/zng/x509.zng.gz b/zng/x509.zng.gz index 135b4f7..53cacbc 100644 Binary files a/zng/x509.zng.gz and b/zng/x509.zng.gz differ diff --git a/zson/analyzer.zson.gz b/zson/analyzer.zson.gz new file mode 100644 index 0000000..edd002b Binary files /dev/null and b/zson/analyzer.zson.gz differ diff --git a/zson/capture_loss.zson.gz b/zson/capture_loss.zson.gz index b4cbf30..da22705 100644 Binary files a/zson/capture_loss.zson.gz and b/zson/capture_loss.zson.gz differ diff --git a/zson/conn.zson.gz b/zson/conn.zson.gz index c6fd867..d36b975 100644 Binary files a/zson/conn.zson.gz and b/zson/conn.zson.gz differ 
diff --git a/zson/dce_rpc.zson.gz b/zson/dce_rpc.zson.gz index 31c1491..535ba89 100644 Binary files a/zson/dce_rpc.zson.gz and b/zson/dce_rpc.zson.gz differ diff --git a/zson/dns.zson.gz b/zson/dns.zson.gz index 49e5039..7451833 100644 Binary files a/zson/dns.zson.gz and b/zson/dns.zson.gz differ diff --git a/zson/dpd.zson.gz b/zson/dpd.zson.gz index ea20127..2251219 100644 Binary files a/zson/dpd.zson.gz and b/zson/dpd.zson.gz differ diff --git a/zson/files.zson.gz b/zson/files.zson.gz index 33b91c0..0a7c59b 100644 Binary files a/zson/files.zson.gz and b/zson/files.zson.gz differ diff --git a/zson/ftp.zson.gz b/zson/ftp.zson.gz index a272da8..33caa9f 100644 Binary files a/zson/ftp.zson.gz and b/zson/ftp.zson.gz differ diff --git a/zson/http.zson.gz b/zson/http.zson.gz index d67dba3..5d894f7 100644 Binary files a/zson/http.zson.gz and b/zson/http.zson.gz differ diff --git a/zson/kerberos.zson.gz b/zson/kerberos.zson.gz index fc35180..e0057df 100644 Binary files a/zson/kerberos.zson.gz and b/zson/kerberos.zson.gz differ diff --git a/zson/known_certs.zson.gz b/zson/known_certs.zson.gz new file mode 100644 index 0000000..4a88ea2 Binary files /dev/null and b/zson/known_certs.zson.gz differ diff --git a/zson/known_hosts.zson.gz b/zson/known_hosts.zson.gz new file mode 100644 index 0000000..7c32e6c Binary files /dev/null and b/zson/known_hosts.zson.gz differ diff --git a/zson/known_services.zson.gz b/zson/known_services.zson.gz new file mode 100644 index 0000000..3849265 Binary files /dev/null and b/zson/known_services.zson.gz differ diff --git a/zson/ldap_search.zson.gz b/zson/ldap_search.zson.gz new file mode 100644 index 0000000..8c0c498 Binary files /dev/null and b/zson/ldap_search.zson.gz differ diff --git a/zson/loaded_scripts.zson.gz b/zson/loaded_scripts.zson.gz new file mode 100644 index 0000000..9106928 Binary files /dev/null and b/zson/loaded_scripts.zson.gz differ 
diff --git a/zson/modbus.zson.gz b/zson/modbus.zson.gz index 34f6490..5f29310 100644 Binary files a/zson/modbus.zson.gz and b/zson/modbus.zson.gz differ diff --git a/zson/notice.zson.gz b/zson/notice.zson.gz index 64aa508..a856aa4 100644 Binary files a/zson/notice.zson.gz and b/zson/notice.zson.gz differ diff --git a/zson/ntlm.zson.gz b/zson/ntlm.zson.gz index d0f212b..775249c 100644 Binary files a/zson/ntlm.zson.gz and b/zson/ntlm.zson.gz differ diff --git a/zson/ntp.zson.gz b/zson/ntp.zson.gz index d3ff24e..08fa144 100644 Binary files a/zson/ntp.zson.gz and b/zson/ntp.zson.gz differ diff --git a/zson/ocsp.zson.gz b/zson/ocsp.zson.gz new file mode 100644 index 0000000..a53e192 Binary files /dev/null and b/zson/ocsp.zson.gz differ diff --git a/zson/packet_filter.zson.gz b/zson/packet_filter.zson.gz new file mode 100644 index 0000000..d70b9f2 Binary files /dev/null and b/zson/packet_filter.zson.gz differ diff --git a/zson/pe.zson.gz b/zson/pe.zson.gz index 5c118c4..23e3459 100644 Binary files a/zson/pe.zson.gz and b/zson/pe.zson.gz differ diff --git a/zson/rdp.zson.gz b/zson/rdp.zson.gz index 000698d..3f3bacd 100644 Binary files a/zson/rdp.zson.gz and b/zson/rdp.zson.gz differ diff --git a/zson/rfb.zson.gz b/zson/rfb.zson.gz index 163596b..d8c15ed 100644 Binary files a/zson/rfb.zson.gz and b/zson/rfb.zson.gz differ diff --git a/zson/smb_files.zson.gz b/zson/smb_files.zson.gz index 9b99ff0..17e3113 100644 Binary files a/zson/smb_files.zson.gz and b/zson/smb_files.zson.gz differ diff --git a/zson/smb_mapping.zson.gz b/zson/smb_mapping.zson.gz index 452385d..eca30a5 100644 Binary files a/zson/smb_mapping.zson.gz and b/zson/smb_mapping.zson.gz differ diff --git a/zson/smtp.zson.gz b/zson/smtp.zson.gz index 8b6cf6b..f31208c 100644 Binary files a/zson/smtp.zson.gz and b/zson/smtp.zson.gz differ diff --git a/zson/snmp.zson.gz b/zson/snmp.zson.gz index 76ce153..59a5cbf 100644 Binary files a/zson/snmp.zson.gz and b/zson/snmp.zson.gz differ 
diff --git a/zson/software.zson.gz b/zson/software.zson.gz new file mode 100644 index 0000000..893e755 Binary files /dev/null and b/zson/software.zson.gz differ diff --git a/zson/ssh.zson.gz b/zson/ssh.zson.gz index d463931..dd6464c 100644 Binary files a/zson/ssh.zson.gz and b/zson/ssh.zson.gz differ diff --git a/zson/ssl.zson.gz b/zson/ssl.zson.gz index 352de64..1ceb50a 100644 Binary files a/zson/ssl.zson.gz and b/zson/ssl.zson.gz differ diff --git a/zson/stats.zson.gz b/zson/stats.zson.gz index c2a5f73..e7390b4 100644 Binary files a/zson/stats.zson.gz and b/zson/stats.zson.gz differ diff --git a/zson/syslog.zson.gz b/zson/syslog.zson.gz index 9033dc5..697e765 100644 Binary files a/zson/syslog.zson.gz and b/zson/syslog.zson.gz differ diff --git a/zson/telemetry.zson.gz b/zson/telemetry.zson.gz new file mode 100644 index 0000000..0044135 Binary files /dev/null and b/zson/telemetry.zson.gz differ diff --git a/zson/weird.zson.gz b/zson/weird.zson.gz index 586194f..73b0b63 100644 Binary files a/zson/weird.zson.gz and b/zson/weird.zson.gz differ diff --git a/zson/x509.zson.gz b/zson/x509.zson.gz index 1183e97..b177512 100644 Binary files a/zson/x509.zson.gz and b/zson/x509.zson.gz differ
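Review bot: every entry under zng-uncompressed/, zng/ and zson/ is a "Binary files ... differ" line carrying only blob index ids, so none of the regenerated or newly added .gz samples can be inspected in this review. Please record in the commit message or the README the zq and Zeek versions and the commands used to regenerate them, so the blobs can be reproduced and compared independently. Separately, zng/ and zson/ each gain the same ten new files (analyzer, known_certs, known_hosts, known_services, ldap_search, loaded_scripts, ocsp, packet_filter, software, telemetry); confirm that the other format directories gain the same set, since the README states that all formats represent the same network traffic.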