Traffic Monitoring with Trisul
Traffic monitoring is the central task of Trisul. Out of the box, Trisul measures over 120 parameters about 16 different "things" such as Applications, Hosts, VLAN, MAC, etc. A "Counter Group": Traffic metering concepts is the key concept you need to know about in Traffic Monitoring with Trisul.
📄️ Traffic Metering Concepts
This section attempts to briefly explain the basic concepts of counter
�📄️ Custom Counter Groups
Trisul ships with 40-50 counter groups. Often users want some special
📄️ Counter Group Settings
You can :
📄️ Name Resolution
You can assign a user friendly name for any type of item.
📄️ Custom Key Monitors
Custom Key Monitors allow you to monitor a set of key items in real time,
📄️ Performing Retro Analysis
Retro analysis is short for retrospective analysis. When applied to
📄️ Retro Analysis Tools
You have selected a time interval you want to focus on - whats next ?
📄️ Retro Q & A
Retro FAQs are complex network analysis like analysing network traffic, flows, and alerts rendered in plain English as a question for easy access.
📄️ Real Time Stabbers
Real time stabbers allow you to monitor various types of network
📄️ SSL/TLS Metering
Three new counter groups give you great visibility into the SSL
📄️ Deep Monitoring of IP assets
A common use case is to enable enhanced monitoring of specific assets.
📄️ Tasks
How can I view real time traffic ?
Traffic Analysis Features
Real Time
You can monitor any metric in real time using Real time stabbers. This helps with troubleshooting and real time tracking of developing situations.
Historical Analysis
Use retro analysis tools, long term traffic charts, monthly usage reports and other tools for historical analysis. Trisul does not summarize or roll up any old data.
Data Acquisition Methods
Packet Capture
The default mode. Trisul does all its analytics by directly capturing packets from the network. Learn how to capture packets for Trisul NSM.
NetFlow
Can also accept Netflow v5, v9, SFLOW, and IPFIX instead of packets. This is a powerful low-cost way to gain total visibility into your internal network traffic without a TAP and Probe rollout with packet capture techniques.
Task List
Jump to common network analysis tasks
- Find out which flows caused a traffic pattern
- View flow activity of a particular host or port in real time
- Jump from alerts to flows that caused them
- Set up flow trackers to analyze specific activity
- Investigate past activity
- Enable metering which depend on flows not packets
- Optimize full content storage (eg, store only first 1M of each flow)
Related Features
Chart usage of any item or view toppers in any counter group in real time.
Example : View in real time top Internal Hosts, or view Total Bps for Port 443
Select a time interval and drill down over 100 ways.
Select a time interval and click on pre-defined analysis in Q&A style
Create your own custom counter policies.