Write reusable scripts to automate network traffic, threat hunting, and security monitoring tasks

This short step-by-step tutorial explains how to get a Ruby script running and exchange a simple HelloMessage with the Trisul server.

Beginner? Here are some ready-to-run scripts from our open GitHub repo to get you started:

  • print_resources.rb

    Print HTTP URLs seen by Trisul over a recent time interval. This is a step-by-step tutorial that also explains how to work with IPs and hostnames.

  • flows_for_ip.rb

    View the top 100 flows for an IP in a time window.

  • pcap_simple.rb

    Get all SMTP and DNS packets from the last hour as a PCAP.