07-Jan-2020Versions: Hub 6.5.2862, Probe 6.5.2982, Web 6.5.2206

Release Notes

Trisul Probe
  • FEATURE: High Availability (HA) 1 Probe can be dual homed to 2 Hubs
  • FEATURE: Disaster Recovery (DR) support for enterprise deployment
  • FEATURE: Pervasive BGP and Routing support, prefix analysis, path, path change,
  • New PCAP tools trisul_flowcap and trisul_reencrypt to help prune and rekey Trisul PCAP dumps
Trisul Hub
  • FEATURE: High Availability (HA) Primary and Backup domain IPs
  • FEATURE: Disaster Recovery (DR) Incremental Replication
Web Interface
  • FEATURE: Import a CSV file to assign labels to any counter group, export to CSV
  • FEATURE: GRAFANA support
  • FEATURE: Bulk import a CSV file and assign labels to keys
  • NETFLOW: Major updates to Netflow features
Trisul Apps

Trisul APPS are free extensions for real time analytics and visualization.

Get on to the Trisul Network Monitoring platform

High Availability (JAN 20)

Protect your data

HA and DR (Disaster Recovery) features to meet strongest enterprise requirements.

Read more

Crosskeys

Discover traffic flows

Unique insights into how traffic patterns flows from X to Y to Z. Example detecting internal assets talking to which apps to which countries.

Read more

Graph Analytics

Discover hidden networks

Save hours trying to hunt down X:Y relationships using older hunting techniques

Comprehensive new LUA API

Fully scriptable platform

Use plain Lua language File extraction, TCP reassembly, and a dozen other hooks

Read more

Older releases

13-Aug-2019Versions: Hub 6.5.2847, Probe 6.5.2960, Web 6.5.2179

Release Highlights

Trisul Probe

Key featureset to support BGP for ISP application

  • FEATURE: High performance BGP Route Receiver and integration built in
  • FEATURE: New Netflow metrics for BGP NextHop, IP Hext Hop, Prefixes, AS and others
  • FEATURE: Flow taggers can now specify a Tag Group to distinguish tags from multiple sources
  • FEATURE: AggregateFlows is now faster and can handle flow tags and tag groups
Trisul Hub
  • FEATURE: Much improved AGGREGATE FLOWS query
  • FEATURE: Ability to add more than 1 HUB node using the CLI tool trisulctl_hub
Web Interface
  • FEATURE: Much improved plugin API , your tool can attach to a context menu
  • FEATURE: APP framework, you can use HAML for the skeleton and a separate CSS
  • FEATURE: EDGE analytics added to Retro Tools
  • Several other fixes , new Ruby/Rails backend
Trisul Apps

Trisul APPS are free extensions for real time analytics and visualization

For full release notes see Trisul Release Announcement

Get on to the Trisul Network Monitoring platform

26-Feb-2019Versions: Hub 6.5.2834, Probe 6.5.2939, Web 6.5.2165

Release Highlights

A partial list of the most important features.

See Blog posts on the two biggest highlights

Trisul Probe
  • FEATURE : New Cross Keys counter group allows you to meter upto 3 counter groups.
  • FEATURE : Bug fix with some Netflow v9 equipment vendors when router timestamps are zero
  • FEATURE : Bug fix with Flow Taggers in some rare cases when tags are very long
  • FEATURE : LUA API : new flowkey() method added to object Layer
  • SCRIPTING: Released the BITMAUL protocol dissector library
Trisul Hub
  • FEATURE: Resources now partitioned by time to improve performance even further
  • FEATURE: Max number of probes per Hub increased to 16 in non-Enterprise
Web Interface
  • FEATURE: Explore Flows report now has an Export to XLSX option
  • FEATURE: Cross Key counter group UI
  • Netflow: Router interface drilldown report to PDF
  • Schedule report for Netflow router interface drilldown
  • Export to XLSX from Netflow reports
Trisul Apps

Trisul APPS are free extensions for real time analytics and visualization

For full release notes see Trisul Release Announcement

Get on to the Trisul Network Monitoring platform

21-Aug-2018Versions: Hub 6.5.2815, Probe 6.5.2922, Web 6.5.2144

03-Dec-2018 : New minor Release Trisul 6.5

This release introduces new features to help with Flow Analytics.
Read the Blog Post : Aggregate flows and Export to Excel features

Release Highlights

A partial list of the most important features.

Trisul Probe
  • FEATURE: Now supports multiple unix domain sockets to ingest from IDS
  • FEATURE: NXDOMAIN and other DNS failures triggers a minor alert
  • SCRIPTING: Released the BITMAUL protocol dissector library
  • CLI: Added help commands to all CLI trisulctl_probe commands
  • NETFLOW: Added option IgnoreEgress option to skip redundantly configured Egress NF9/IPFIX
  • and others
Trisul Hub
  • FEATURE: Resources now partitioned by time to improve performance even further
  • FEATURE: Max number of probes per Hub increased to 16 in non-Enterprise
Web Interface
  • FEATURE: Brand new Time Selector
  • FEATURE: Email log shows sent emails
  • FEATURE: Dashboard creation made easier with boxes for every position
  • FEATURE: Cardinality counters proper description is now showin Retro Counters
  • Plus dozens of other smaller fixes
Trisul Apps

Trisul APPS are free extensions for real time analytics and visualization

  • NEW APP: IOC-Harvestor pulls out network artifacts from multiple streams
  • NEW APP: IP2LOCATION based Geo Metering. Adds ASN, COUNTRY, CITY, PROXY info
  • NEW APP: AlienVault OTX integration to check your traffic against threat indicators
  • NEW APP: HTTP-Proxy app when deployed in a proxy environment
  • NEW APP: Edge Vertex monitor shows volumes for each vertex
  • UPDATED: JA3 Server signature added to TLS Fingerprint
  • UPDATED: PCAP Totals dashboard shows all metrics in one place

For a more complete list see Trisul Release Announcement