TRP Code Samples
Tutorial samples
Have you first read the step-by-step tutorial?
If you have, then you know:
- how to set up a TRP environment
- how to securely connect to a Trisul instance
- how to exchange a basic message
Samples in Ruby
All these samples are written in Ruby, and use the trisulrp gem. These scripts can be easily adapted to other languages like Python or Java.
We have a new GitHub repo called trisul-samples containing all our scripts.
| Name | Description |
|---|---|
| traffic_volume | Hourly volume of traffic for any item (say hourly HTTP traffic over past 3 weeks) |
| flows_for_ip | Print top 100 flows for an IP or host during the past 6 hours. This script contains detailed line-by-line comments, so start here |
| grep_flows | Print a maximum of 100 flows which contain a payload matching a specified pattern |
| pcap_simple | Retrieve all SMTP and DNS packets over the last 1 hour. This sample demonstrates the use of a Trisul Filter Format expression |
| cginfo | Print information about all available counter groups |
| topper_list | Print topper list for a particular meter within a counter group |
| sessions | Print top 100 flows by volume seen in an arbitrary time interval |
| alerts_query | Print 100 alerts in last 6 hours of Priority 1, 2, 3 |
| csx.rb | An advanced script that prints the certificate chain for all HTTPS connections established by a host in a time interval. You need to run this script on a PC which has Unsniff Network Analyzer installed. |
Links
You will need to refer to the following material