New Release Apr 25 2017 : New Netflow , API, and UI enhancements

admin

Hey Trisul users,

A new release of Trisul Network Analytics with a ton of enhancements is now available on http://trisul.org/download

Rel : Trisul Probe 6.0.2798
Web: Web Trisul 6.0.2000

RELEASE HIGHLIGHT

Big improvements in Netflow monitoring, a totally revamped Routers and Interfaces Drilldown that will save considerable time for analysts. A new "Interface Tracker" streaming algorithm that you can enable on very busy interfaces for accurate lossless historical drilldowns into Top-K users of interfaces. Now you can also use SNMP to automatically resolve all Interface and Host Names.

RELEASE NOTES

Trisul Probe 6.0.2798

NEW: self monitoring metrics. "Disk Bandwidth" metric measures at what rate Trisul is writing PCAPs to disk. In Mbps, and IOPS
SYSLOG ALERTS: Alerts to syslog revamped. No longer via Config file but from UI.
NEW : Flow tracking is now along two dimensions. Eg, track all Long Lived flows but only for SSH
File Reassembly. If there are no LUA scripts to handle reassembled files, remove automatically from ramfs partition.
IPv6 : Flows were not showing up for UDP and ICMPv6 earlier
NEW : Enabled UDP flow tracking for LUA. This will help due to increasing use of Google QUIC protocol (eg Youtube)
IP Flow Tracker LUA : Totally flexible method to listen to flow stream and care sub-stream of flows using LUA for special analysis. https://www.trisul.org/docs/lua/flow_tracker.html
Many bug fixes.

Trisul Hub 6.0.2762

BUG: SearchKeys TRP API was not working with IPv6. Fixed
BUG: CRON Task cleanpersists (which ages out and deletes persistent data like hostnames) was not running
FIX: CRON Task cachebuild (which arranges top keys disk layout for fast access) was not working for some counters
FIX: Overlay mode was not working

Web Trisul 6.0.2000

FEATURE: New Netflow Configuration WIzard helps you set up all config in a minute
FEATURE: New Email Alert is much more comprehensive, includes contextual info in the alert email itself
FEATURE: Introducing Trisul Apps - a way to package and import extensions for both UI and Analytics.
FEATURE: UI comparison widget. Add any chart to all charts on any dashboard by just pressing a button. This allows you to place any trendline in context of 'shapes' of other metrics.
FEATURE: Magic Box widget allows you to visualize and spot busiest routers and interfaces for drilldowns
NEW : SNMP Resolver for Netflow Routers (sysName) and Interfaces (ifDescr or IfAlias from IF-TABLE MI😎
Ability to use PROXY servers for both Intel Feed downloads and for Trisul Apps
Hundreds of tweaks to the UI and fixes to make the whole experience smooth

Trisul is an incredibly powerful Network Traffic and Security Monitoring platform you can deploy today for FREE ( https://www.trisul.org/free/) to gain visibility into your network traffic from a hundred different angles.

http://trisul.org

Enjoy,

Team Trisul (signed in via Github)

admin

Maintenance update to the Apr 25 2017 build now available for download.

Resolved

BUG : Create New Filtered Counter Group caused incorrect BucketSize for counters
BUG : Combination Flow Trackers were not working as expected. If you tried to create "Tracker for Long Lived SSH Flows" that would have given incorrect results.
BUG : IP Resolver was not working as expected (for Netflow mode only)
BUG : Removed erroneous Web Trisul CRON tasks, 2 Old tasks that are no longer used were present and that caused error messages in mail spool.
FEAT: Due to high demand - added two extra metrics in HOSTS and APPS to track metrics for these counter groups relative to INGRESS and EGRESS view point of network interface. (Netflow only)

Do I need to upgrade?
If you using any of the above features you need to update to get the fixes. If not you can wait for the next monthly build. ( last week of May)

Enjoy

Trisul Team