Hello Trisul Users,
We are pleased to announce the latest Trisul Network Analytics Release 7.0!!
Existing users are encouraged to upgrade immediately to this release to take advantage of several improvements, including feature enhancements, bug fixes, and platform stability updates.
New users: Please sign up and go to the download page: https://www.trisul.org/get-started/.
Top Highlights:
Get ICMP Flood alerts and Blacklist country flags for faster threat response.
Visualize multicast traffic with the all-new Multicast GraphX — a powerful real-time tool to monitor multicast groups by mapping senders, receivers, and group addresses for faster troubleshooting.
Support importing multiple IPs per row in IPDR CSVs for faster, cleaner bulk data entry.
RELEASE NOTES:
Trisul-Probe 7.0.3198
0105957: PROBE: Fixed: TCA range alert max item bug impacting DDOS alerts.
0105964: PROBE: Ability to create a cross key from a filtered Counter Groups(CG).
0105966: NETFLOW: FIXED: Checkpoint NAT issue due to 32-bit field mismatch.
0105970: PROBE: FIXED: Cross Key issue when some keys were missing.
0105974: NETFLOW: Added support for running counters in Checkpoint devices.
0105989: METERS: Cardinality hyperlog updates for low-cardinality meter data (<1000 items).
0106004: PROBE: Successfully built and tested on CentOS 7.
0106005: BADFELLAS: FIXED: Data Update issue due to file permission restrictions.
0106054: IPDR: Fixed: Half-NAT issue when handling NAT mapping with multiple port mappings.
0106055: IPDR: Enhanced Half-NAT TCP and UDP timeout options and timecheck algorithm.
0106065: PROBE: Increased max backends to 8 for large-scale network deployments.
0106069: TRP: Fixed: CounterItemNG not working in multi probe, multi layer setups.
Trisul-Hub: 7.0.3145
0105939: TRP: QuerySessions supports protocol autocomplete and $key format.
0105945: Replaced dpkg-sig with a compatible Ubuntu(Noble) alternative for package signing.
0105979: Monit now retains existing monitrc configuration file instead of replacing a new file.
0105997: HUB: Fixed: TRP Cardinality name showing correctly for derived CGs.
0106005: Fixed: BADFELLAS data Update issue caused by permissions.
0106010: FIXED: Descriptor error in trisulctl_hub domain process start.
0106047: IPDR: IPDR qstream flow includes start and end time in DOT format.
0106058: FLUSHD: Fixed: BucketSize issue in TrfOffsets causing spikes when resolution not default.
0106069: TRP: Fixed: Counter Item NG overwrite issue in multi-probe/multi-layer setups.
0106072: HUB: FEATURE new trisul_query flow stream flush with multiple compressors.
0106074: IPDR qstream now supports multi-threading and improved cancellation.
WEBTRISUL 7.0.2572
0105937: Added option to generate and display Authentication/API tokens.
0105936: API: Manage users(add/edit/delete) with admin or super admin access.
0105935: NETFLOW: Added menu to explore flows & aggregate flows from interface drilldown
0105958: ISP: Added drop down menu for peering and prefix analytics drilldown.
0105976: IPDR customer import supports multiple IPS in one CSV row.
0106000: Alerts now include country flags for blacklisted IPs.
0105998: Automated TCA alerts for ICMP flood detection.
0105999: Added: Top Hosts & Apps in email alerts (HTML Format).
0106008: Syslog now uses journalctl for Ubuntu 24 and RHEL9.
0106011: PDF reports now match UI data for "Current Apps".
0106013: WEB: Autocomplete enabled across real-time modules.
0105927: GEO: Add MaxMind GEOIP key configuration via WebTrisul.
0105978: Detects and skips duplicate entries in IPDR CSV imports.
0105986: Added Send email report option in scheduled report page.
0105991: New Sankey chart module in the dashboard.
0106001: Email settings include "Ignore TLS" option.
0106012: Fixed: Real-time module error that caused file descriptor limits to be exceeded.
0106017: WEBTRISUL: Automatically use port from nginx configuration file.
0106018: Enhanced Change webserver port and set SSL via nginx for https.
0106020: Threshold Crossing Alert now show control box interface.
0106022: Enhancement: Show ifspeed on Custom Key Monitor (Flow Interface Selection).
0106023: Custom Key Monitor Report for High Utilization Interfaces (75%).
0106024: Enhanced email alerts: Added summary table at top of reports.
0106026: TCA alert emails now show utilization in bps for flow interface counter group.
0106028: Removed "Download CSV" option from Custom Key Monitor.
0106033: TCA Alert reports now downloadable.
0106041: Custom Key Monitor supports regex for filtering keys.
0106050: Multicast GraphX supports any three-level cross key mapping.
0106063: IPDR mode now applicable to multiple probes.
0106068: Enhanced Real-time single-value modules for multi-probe environments.
Trisul Network Analytics is the leading solution for maximum visibility into your network traffic patterns. Whether it's NETFLOW or RAW PCAP, Trisul helps organizations gain peace of mind by solving their detection, visibility, and compliance challenges.
Head on over to https://trisul.org/ sign up and download the latest update.
Hope you enjoy this release.
Cheers!
Trisul Team