Working with network flows gets easier with the new Trisul update

Network flows or conversations are a very important part of network security and traffic analytics. Trisul has always had excellent support for reconstructing, storage, and querying of very large scale flow databases. However, we watched customer workflows and found that we could dramatically make their lives easier by adding a couple of nifty new features. We just pushed out a new release that puts these two new tools in your hands.

Aggregate Flows
Run a query and aggregate all parameters that make up a flow
Export to Excel
On all flow related tools add a “Export to XLSX” button that exports results into a MS Excel document

Aggregate Flows

You used the “Explore Flows” tool in previous versions of Trisul to query flows using any combination of ips, ports, protocols, netflow interfaces, etc. This works great when your primary use case is security where you expected a few thousand hits. The Explore Flows tool used only the first MaxCount (by default 10K) flows to perform the analysis on the browser.

Read More

Trisul packages now available for Ubuntu 18.04 Bionic Beaver

We are pleased to make the following announcements.

New Ubuntu 18.04 repository ready to install packages

We just released packages of Trisul Network Analytics for Ubuntu 18.04 LTS 64-bits (Bionic Beaver). For most new users of Trisul we recommend the Ubuntu 18.04 64-bits Server Install as the first choice installation platform.

Read More

Announcing Trisul-Probe docker image and new distributed monitor features

We just released new builds of Trisul Network Analytics 6.5 with some exciting updates.

Trisul Network Analytics is a distributed monitoring platform. In the distributed setup, a network of “Probe nodes” can report to one or more “Hub nodes”. We provide Ubuntu/CentOS/RHEL packages for the probe and hub nodes. But we really like Docker for its sheer ease of deployment and upgrades. We already have a popular Docker Image with over 10K pulls for our single-node solution called trisulnsm/trisul6

Today we are excited to release a new Docker image of Trisul-Probe that lets you roll out a new probe in under 3 minutes.

This blog post is a quick tour of the distributed management features you can find in this release.

Read More

New Trisul Network Analytics 6.5 released with new charts and APIs

We just released new packages of Trisul which include many features which make many Network Security Monitoring and Traffic Analytics workflows even easier. Highlights of this release are improved charting of timeseries metrics, ability to integrate simultaneously with multiple instances of IDS systems, improved CLI and diagnostic tools, and 3 new Trisul APPs.

New faster charts help with long term analysis

Retrospective analysis in Trisul usually starts with a long term time series chart of a particular type of metric. Then narrowing down a timespan and then applying a number of tools to that time interval. This release introduces a more flexible time selector that is more interactive and faster to use.

Much improved retro analysis time selector

Read More