====== Trisul Apps ======

Trisul Apps are click-to-install extensions to Trisul Network Analytics. They fall into three categories:

  - **Analytics** — Use the Trisul Lua API to add custom analysis.
  - **JS/D3 Dashboards** — Use the JavaScript/TRP API to visualize historical data.
  - **Packaged Dashboard** — Share dashboards, modules, and configuration.

==== Starting links ====

  - [[https://www.trisul.org/docs/ug/webadmin/apps.html|Trisul Docs: How to install Apps]]
  - [[https://github.com/trisulnsm/apps|GitHub Repo trisulnsm/apps. Contains all apps with source code and instructions]]

===== New Apps and Announcements =====

To learn more about the features of Trisul Apps, watch this video.

{{youtube>n8SZfBDLVwo?medium}}

**The top premium Trisul Apps are:**

==== FireHOL Checker ====

The new [[tips:firehol_checker|]] App creates a high-priority alert for blocklisted IPs (Level 1) and a low-priority alert for malicious IPs (Level 3), shifting to Level 1 if significant data transfer occurs.

To learn more about the FireHOL Checker App, see [[https://github.com/trisulnsm/apps/tree/master/analyzers/firehol|GitHub Apps: FireHOL Checker]].

==== CIDR Flow Tagger ====

The new [[tips:cidr_flows|]] App automatically tags all network traffic flows with CIDR network tags and integrates them into the backend indices.

To learn more about the CIDR Flow Tagger App, see [[https://github.com/trisulnsm/apps/tree/master/analyzers/cidr-tagger|GitHub Apps: CIDR Flow Tagger]].

==== IP2Location LITE Geo Metrics ====

The new [[tips:ip2location_lite_geo_metrics|]] App processes the following CSV databases and presents the data in the UI.

  * ASN-Lite: Metrics based on Autonomous System Number.
  * DB3-Lite: Metrics based on Country and City.
  * P2-Lite: Metrics based on Proxies.

To learn more about the IP2Location LITE Geo Metrics App, see [[https://github.com/trisulnsm/apps/tree/master/analyzers/ip2location|GitHub Apps: IP2Location]].
==== Suricata-EVE-Unixsocket ====

The new [[tips:suricata-eve-unixsocket|]] App creates threat signatures that turn into a powerful frontline alert monitoring system for any enterprise. Suricata alerts usually show up as IDS alerts in Trisul.

To learn more about Suricata-EVE-Unixsocket, see [[https://github.com/trisulnsm/apps/tree/master/analyzers/suricata-eve-unixsocket|GitHub Apps: Suricata-EVE-Unixsocket]].

==== TLS Fingerprinter ====

The new [[app:tlsfingerprint|]] App guesses the SSL/TLS client by matching it against known prints, and builds a profile of known clients for whitelisting using the JA3 hash.

To learn more about the TLS Fingerprinter App, see [[https://github.com/trisulnsm/apps/tree/master/analyzers/tls-print|GitHub Apps: TLS Fingerprinter]].