User Tools

Site Tools


lua:start

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
lua:start [2018/12/13 16:33] – [Getting started with Trisul LUA Scripting] veeralua:start [2018/12/22 18:19] (current) – [LuaJIT tips] veera
Line 6: Line 6:
  
 [[https://github.com/trisulnsm/trisul-scripts/tree/master/lua/skeletons|Skeleton Lua scripts]] you can copy and fill out [[https://github.com/trisulnsm/trisul-scripts/tree/master/lua/skeletons|Skeleton Lua scripts]] you can copy and fill out
 +
 +[[https://www.trisul.org/docs/lua/selector.html|LUA Script selector]] - to help you pick the type of scripting API you need to use to accomplish a variety of tasks 
  
 [[scripting:introbro|Bro IDS scripting vs Trisul scripting]] [[scripting:introbro|Bro IDS scripting vs Trisul scripting]]
Line 11: Line 13:
 [[lua:structure|How to structure your scripts]] [[lua:structure|How to structure your scripts]]
  
-===== Basics =====+===== Tutorials =====
  
 Links to step by step tutorials Links to step by step tutorials
  
-Tutorial 1 : [[https://www.trisul.org/docs/lua/tutorial1.html|A Hello World]] +  * **Tutorial 1** : [[https://www.trisul.org/docs/lua/tutorial1.html|A Hello World]] 
- +  * **Tutorial 2** : A [[https://www.trisul.org/docs/lua/tutorial2.html|packet length counter]]  
-Tutorial 2 : A [[https://www.trisul.org/docs/lua/tutorial2.html|packet length counter]]  +  * **Tutorial 3** : A basic TCP [[https://github.com/trisulnsm/trisul-scripts/tree/master/lua/tutorial/tutorial3|based DNP3 analyzer]] 
- +  * **Tutorial 4** : A step-by-step guide to working with resources (Logs) [[https://github.com/trisulnsm/trisul-scripts/tree/master/lua/tutorial/tutorial4|by writing a URLHaus IOC checker]]
- +
-===== Techniques used in sample scripts ===== +
- +
- +
-[[lua:ua-parser|Trisul script to use UA-Parser regex to track HTTP User Agents]]  +
  
 ===== LuaJIT tips ===== ===== LuaJIT tips =====
Line 30: Line 26:
 [[lua:jittips|LuaJIT performance tips]] [[lua:jittips|LuaJIT performance tips]]
  
 +===== Techniques =====
  
-===== QUIC analyzer ===== +[[lua:logtail|Log tailing]] : Lua snippet to watch a directory of logfiles and tail them into your LUA code. 
- +
-[[lua:quic|Explains the Trisul Google QUIC protocol analyzer script]] +
- +
lua/start.1544699036.txt.gz · Last modified: 2018/12/13 16:33 by veera