Installable dashboards, custom analytics, and other extensions to the Trisul Network Analytics Platform
- Dashboards: New visualizations and dashboards
- Analytics: Real-time packet analysis tools, metrics, and other extensions
- Hunting: Tools to analyze saved data

To install these tools:
- Log in as admin
- Go to Webadmin > Manage > Apps
- Click on the App you want to install
- For each App click on the README link for additional instructions

| APP Name | Description |
|---|---|
| Alienvault OTX | Scans your traffic against AlienVault OTX Intel, needs IOC-Harvestor APP |
| FireHOL checker | Alerts if activity seen from FireHOL blacklist |
| Geo based on IP2Location db | Geo based metering to Trisul using the IP2Location LITE databases |
| HTTP Proxy | Extracts metrics in HTTP Proxy |
| IOC Harvestor | Harvests intel items into a single resource stream from different places in Trisul pipeline |
| Passive DNS Extractor | Extracts IP to Domain map |
| PingMON | Large scale PING reachability and latency monitor |
| Protocol Tree Metrics | Generates metrics in a protocol tree |
| Prune Encrypted PCAP | Prunes high volume encrypted Netflix/YouTube from PCAP storage |
| Prune TLS from PCAP storage | Don't store TLS traffic |
| SNI TLS Metrics | Traffic metrics from TLS Server Name Indication |
| SNMP Poller | SNMP Poller for Interface Usage |
| SSH Events | SSH Login and Tunnel |
| Squid Proxy Metrics | Extracts metrics from proxy server traffic |
| Save Binaries | Extract binary files, PDF, Flash from traffic |
| Suricata via EVE UnixSocket | Suricata alerts via EVE Unix Socket |
| TCP Analyzer | Identify hosts experiencing TCP performance |
| TLS Fingerprinter | Generates and tracks TLS Fingerprint indicators |
| TLS Metrics Pack | Generates extra metrics and relationships in TLS traffic |
| CIDR Tagger | Tags flows with CIDR subnets |
| Umbrella Top-1M | Tracks DNS queries outside the Top-1-Million |

| APP Name | Description |
|---|---|
| Country Analytics Drilldown | View country mappings for routers and interfaces |
| Daily Key Report | Shows daily usage report for key |
| Edge vertex Monitor | Show usage report for selected guid, meters and keys |
| Geo IP Lookup | Shows the IP lookup |
| ISP Country Analytics | View country mappings for routers and interfaces |
| ISP Home Prefixes Analytics | View home prefixes mappings for routers and interfaces |
| ISP External Prefixes Analytics | View external prefixes mappings for routers and interfaces |
| ISP Overview | Top level dashboard for ISP |
| ISP Router Geo Map | View country locations for your router |
| IXP Analytics | L2 IXP Traffic Analytics |
| Key Space Explorer | Search all active key space and get total usage |
| Multi Probe Charts | Draw a multi-probe chart |
| Path Analytics | Shows the top used AS PATHS |
| Peering Analytics | View ASN mappings for routers and interfaces |
| Peering Analytics Drilldown | View ASN mappings for routers and interfaces |
| PCAP Totals | Shows total summary of pcap file |
| Prefix Analytics Drilldown | View Prefix mappings for routers and interfaces |
| Protocol Tree Viewer | View metrics in a Protocol Tree |
| Sankey Crossdrill | Show sankey chart for crosskey filter counter group |
| Search Keys | Search keys to check any usage activity in your network |
| Security Overview - Internal Hosts | Shows IDS and Badfellas alerts count for internal hosts |
| Super search host | Search all hosts by domain name and print total usage of each. |
| Usage Activity Heatmap | Shows key activity usage in d3 heatmap visualization Day/Hour |

| APP Name | Description |
|---|---|
| DNS monitoring | DNS Custom Metrics and dashboards |
| ISP Dashboard Pack | Some useful dashboards for ISP Analytics |
| Probe Performance | System performance of Trisul Probes |
| Save Binaries Monitoring | Dashboards for the Save Binaries App |
| Simple executive | Top Inbound, Outbound Apps and risky traffic |
| TCP Analysis | TCP analyzer dashboards |