12.10. Application Options
This page describes the web application settings.
12.10.1 Customize
To access this login as
admin and select WebAdmin Manage → App Settings12.10.2 UI
| Option | Default Value | Description |
|---|---|---|
| Google API Key | Google map API key. You need this to view the Geo map | |
| Explore Flows Max Items | 2000 | When retrieving flows stop when these many flows are reached. All flow based calculations will be done using these many flows. The next parameter Explore Flows Show In Tables specifies how many of these will show up in raw flow tables on the web UI. |
| Flows shown in tables | 500 | Show these many ‘top flows’ in raw flow tables. |
| User Password Minimum length | 6 | Minimum characters you can use in user password |
| Log Level | INFO | Filter expression for viewing log files , includes expressions like : # DEBUG # ERROR # INFO |
12.10.3 Proxy Settings
Web Trisul needs to reach out to the internet for two things.
- to download latest threat feeds for the BadFellas plugin
- to install Trisul Apps which are hosted on Github
If your Trisul-Hub node does not have internet access you need to configure a proxy server.
| Option | Default Value | Description |
|---|---|---|
| Proxy Server IP | Address of the proxy server | |
| Proxy Server User Name | Specify the Username if required by the proxy | |
| Proxy Server User Password | Specify the Password if required by the proxy |
Test it
- Login as admin
- Go to Webadmin > Manage > Apps
- If you get a list of packages without the error “Check your internet connection error”, the connection is working.
12.10.4 Packet Inspection
| Option | Default Value | Description |
|---|---|---|
| Deep Packet Inspection limit | 21600 Secs | Time limit for deep packet inspection |
| Deep packet inspection content limit | 100 M | Maximum number of bytes to be retrieved as a result of the packet retrieval _Pull packets operation |
12.10.5 Web Server
| Option | Default Value | Description |
|---|---|---|
| Idle timeout | 15 | Time set to logged webtrisul when idle |
| Server port | 3000 | The webserver port. This setting is used by some cron tasks (like report mailers). If you move the default nginx port make sure you reflect that change here. |
| Web Server Security | NONE | Used by report jobs. Is web server using SSL? |
12.10.6 Schedule and Email reports
| Automatically email scheduled reports | YES | Global setting that controls if scheduled reports are mailed out |
| Automatically email threshold crossing alert summaries | No | Global setting that controls if TCA reports are mailed out |
| Business Hour | 00:00:00-23:59:59 | Business hours time used to restrict default report generation time window for each day |
12.10.7 Chart
| Option | Default Value | Description |
|---|---|---|
| Conversation Chart Ring items | 10 | Number of peers to be shown in the conversation ring. This chart appears in the Tools → Investigate IP Activity analysis |
| Matrix Chart items | 10 | No of items to be plotted in the conversation matrix. This appears in Tools → Explore Flows |
| Chart Effects | - | Special effects for charts |
| Show data value tooltips | 0 | Show timeseries data point as a tooltip |
| Show Percentile | 0 | Show a 95th percentile line on charts. Enter 98 to show 98th percentile, 0 to disable |
12.10.8 Dashboard and modules
| Default items in Top-N Dashboards | 10 | All Top-N starts show these many by default, with a “More” button to expand. |
| Show module description | Yes | A description if shown below each module to help you understand what is being shown. If you are a power user and would like to hide this text, then set this to False |
| Show help tips for menu items | Yes | A tooltip is shown for menu items to help you learn about the various options. You can turn these off if you are already familiar with the UI |