Hi Trisul users,
A new release of Trisul Network Analytics is now available on https://trisul.org/download
Introducing TRISUL EDGES: this release brings the power of streaming graph analytics to the Trisul platform. EDGES allow you to discover hidden relationships and networks within your network traffic. Imagine you see an ASN "Quintong Network" and you need to see which hosts, applications, and certificates it is linked to. With EDGES you can do this with just a click.
We have carefully balanced the default settings to allow maximum coverage without requiring you to roll out and maintain a mega 8-node cluster. You can do it all on a single box even for very high Gbps loads.
RELEASE NOTES - FRESH PACKAGES released SEP-10-2017
Trisul Probe - 6.0.2844
- NEW FEATURE : Trisul EDGES streaming graph analytics
- FEATURE : probe generates new stream of Edges and Vertices
- RXRING packet capture CPU usage cut down on low bandwidth links
- TLS Organizations metrics - increase default HI-WATER to keep up with increase in TLS usage
- UDP Flow Tracking : Lower timeout to reduce memory usage, from 120 to 30s
- FTS (Full Text Search) is now enabled by default
- DNS Resources : remove redundant logging of request resources
- Default Grain Size is now 256 packets, up from 64. Helps with AF_PACKET on high speed links
- FEATURE : Added EDGE support to LUA API, which allows you to add your own vertices and edges to the stream
- NETFLOW : Improved CISCO ASA Firewall Support
- NETFLOW : VRF and NBAR support
- NETFLOW : Support 32-BIT Interface indices used quite a bit by Juniper IPFIX
- NETFLOW : Handle corrupted packets by using a heuristic validity check. Addresses a BUG in some vendors
- PACKET STORAGE: Fix issue on low speed links where some flows could not be retrieved
- COUNTER METRICS: MAX Counter Groups increased to 1024 from 256.
- INTEL FEEDS: Issue fixed with deleting old intel feed files that have been superseded by fresh ones.
- Fix mem leak in corner case : labels not freed when using Flow taggers.
- Plus dozens of minor enhancements and tweaks
Trisul-Hub : 6.0.2788
- NEW FEATURE : TRISUL EDGE. Hub support for scalable storage and retrieval of Edges/Vertices
- FEATURE : New architecture to handle high volume of graph edges on normal hardware/disks.
- FEATURE : Process to merge number of time series files. Aids in Backup speed.
- QUERY API for Edges to build into Hunting Tools
- IP Resolver will use NetBIOS if smbclient tools are available on the system
- DB refactored to support multiple schema versions
- Various other tweaks
WebTrisul - 6.0.2038
- NEW FEATURE : Edge Graph Explorer
- NEW FEATURE : Add new option "View Edges" to various Context Menus
- APPS : If no internet connection, show from cache if available
- FTS DNS invalid sequence "UTF-8"
- Improvements to Module selector - filter by name
- Dashboard Modules template T hours replaced by Actual time duration
- FTS (Full Text Search) View modified to stream data from server
- Show number of Countergroup, Alert, Resource, FTS as a badge
- NETBIOS DNS Look up tool added. Enabled if smbclient package installed
- Fixed some Firefox bugs with CHARTJS and LASTBW
- Improved Home networks + access points UI usability
- Various usability improvements
If you haven't installed Trisul yet, this is your time to get into deep monitoring. The default free license does not expire but only collects the most recent 3 day rolling window. Go to https://trisul.org/download and get started.
For instructions on updating your builds go to https://trisul.org/download or for more detailed instructions visit the documentation page at https://www.trisul.org/docs/ug/install/doupgrade.html
Look forward to having you on board !!