Trisul Remote Protocol

Write reusable scripts to create your own reports in any format, automate hunting, and other security monitoring tasks

Get started

This short step by step tutorial explains how you can get a ruby script running and exchange a simple HelloMessage with the Trisul server.

• Step by step tutorial using Ruby

DOCUMENTATION

API message reference.

TRP sample scripts

Programming model

TrisulRP Ruby Gem RDOCs (External)

Other links

Google protocol buffers on which TRP is built.

The trisulrp ruby gem project on Github. Pulls welcome!

The trp.proto file - if you want to write clients in any language supported by protocol buffers

GITHUB CODE SAMPLES

Beginner ? Here are some ready to run scripts from our openGithub repoto get you started

print_resources.rb

Print HTTP URLs seen by Trisul over a recent time interval. This is a step-by-step tutorial that also explains how to work with IPs and hostnames.

flows_for_ip.rb

View top 100 flows for an IP in a time window.

pcap_simple.rb

Get all SMTP and DNS packets in last one hour as a PCAP