Announcing exciting new features in our new Trisul Network Analytics 6.5

New packages of Trisul Network Analytics have now landed on our download page. The features here are carefully selected to put advanced network traffic and security monitoring features into the hands of all enterprises big and small. Key features and updates in this new release.

  • Trisul EDGE : Now you can select a vertex and not only reveal its neighbors but also the heavy hitters amongst the edges. No more stumbling around, target your investigations sharply by leveraging graph analytics.
  • ERSPAN support : Automaticaly de-tunnels GRE encapsulated SPAN sessions. Now we have more deployment options.
  • Bulk PCAP Import : Improved PCAP import now processes long time frame PCAP files with much more efficient memory usage. Dont let your PCAP dumps lie around lifeless, import them into Trisul.
  • Enhanced Lua API : Developing your tooling doesnt have to be hard. Using plain Lua you can add functionality across the feature set. We recently open sourced BITMAUL a new LuaJIT based protocol dissection library which can help you quickly develop network protocol dissectors. Also in this release is a new “Asynchronous Execution” framework to allow script writers to specify the size of the worker thread pool. Simpler programming model helps you develop tooling faster

For full release notes – see our forum announcement

Why Trisul ?

Read More

Bottom-K, Cardinality Counting, and other new features in the latest TrisulNSM

We just released a new version of Trisul Network Analytics 6.5. This release features a lot of stability and performance improvements that make it even more attractive to deploy Trisul Network Analytics as your frontline NSM platform (Network Security Monitoring and Traffic Analytics).

This short post will share four nifty things you can use to supercharge your network security monitoring and traffic analytics.

Bottom-K lists

A most common operation that security engineers rely on it to take a particular parameter and see for Bottom-K or “rare keys”. Trisul’s streaming analytics make it trivial to run these types of queries over very long timeframes. The new release allows you to track Bottom-K items for any of the 100s of metrics available in Trisul.

Read More

Trisul Network Analytics 6.5 is now available

We are delighted to announce our latest release “Trisul 6.5”. We think this is our best yet. We have rolled into this lessons learnt from watching users of our previous releases and other tools. Our goal is to make Trisul the go-to tool for full blown NSM and deep network traffic analysis. At the same time, we did not want to cut corners in extensibility or performance. Towards that end, this release includes an even better Lua API and across the board improvements in performance.

Best of all, we’ve retained the 3-day sliding window License that lets you get started without any friction in sales calls or canned demos. Just get the bits and go live

What’s in this release

You can access the complete list of features on our Releases page. The key areas of change in this release are in the following broad categories:

Read More

New developer resource wiki

We are pleased to announced a new developer resource Trisul Devzone This will be useful for those using the Lua Scripting interface or the Ruby TRP API to automate Network Security Monitoring tasks.

This DokuWiki based knowledge base is designed as extra documentation that dont fit very well into the official reference and guides on We will share idioms, best practices, share interesting articles from other websites, and something very short tech tips on a regular basis here.

We hope the Network Security and Traffic Monitoring enthusiast community will find this new resource useful.

Free Download Trisul 6.0 ! Ready to go packages for Ubuntu and CentOS.

Read More