11.1. Reports
Trisul comes with dozens of pre-defined reports for your use. You can either view them on the browser or send them via email periodically.Accessing reports
The central place where all reports can be accessed is via the Reports menu. You can also download various reports in CSV or PDF formats in different sections in Trisul.
Select Reports in the left menu section
Creating your own reports
Using the Trisul Remote Protocol API you can write Ruby scripts that create your own reports.
11.1.1 Report time
For each report type, you can easily select a number of predefined time windows as shown in the image below
Report
11.1.2 List of reports by type
Report types
- Endpoints and Applications — Of particular entities like an IP, port, router
- Executive — At a glance
- Common counters — Popular counter groups, top hosts, apps, etc
- Adhoc reports — Report on anything monitored by Trisul
Endpoint and Applications
| Report Name | Description |
|---|---|
| Endpoint IP Address | Generates a summary report for a specific IP Address |
| Application | Generates a summary report for a specific port / application |
| Router Interface | Report for traffic bandwidth and users for a particular router interface |
| IP Usage | Generates Total,in and out bandwidth consume chart for a specific IP |
Executive
| Report Name | Description |
|---|---|
| Consolidated IP Report | Total,in and out bandwidth traffic with top Internal hosts,top apps and port network layer protocols. |
| Executive Network | Total usage,alerts,bandwidth utilization |
| Internet Service Provider | Total bandwith,Hosts,Apps,Top ASNumber and Countries lists |
| Subscriber Activity | An overview of all your internal hosts |
| Router and Interfaces | Traffic details per router and about top router interfaces |
| Malware, botnet, virus infections | A summary of all your internal hosts that might be compromised |
| “IDS Alerts” | Summary of top IDS (Intrusion Detection System) alerts via Snort/Suricata |
| Deep drilldown of Internal Hosts | A comprehensive drilldown of internal host activity |
| Deep drilldown of External Hosts | A comprehensive drilldown of external hosts |
| Deep drilldown of Applications | A comprehensive drilldown of applications |
| Multicast Vs Interactive |
Multicast Vs Interactive |
Commonly used Report
| Report Name | Description |
|---|---|
| Key usage report | Track usage of key activity from any counter groups. |
| Apps | Get report of top applications on your network. |
| Internal Hosts | Get report of top internal hosts on your network. |
| External Hosts | Get report of top external hosts on your network. |
| ASNumber | Get report of top ASNumber on your network. |
| country | Get report of top countries on your network. |
Adhoc Reports
| Top Traffic Report | Get toppers for any counter group |
| Top Session Report | Get top flows on your network |
| Security Report | Overview of all security alerts seen by trisul alerts |
| Custom Key Report | Track usage of any keys |