Trisul 5.5 Multi layer streaming network analytics

Trisul monitors a continuous stream of network traffic and extracts hundreds of useful indicators down to the packet level. Never be caught short of actionable security and performance information. Traffic statistics correlated with flows, resources, alerts, and packets is now just a click away.

  • Over 200 streaming network KPIs
  • Real time and historical reports
  • Traffic, flows, alerts, packets
  • Drill down, sideways and pivot
  • Full text search for SSL and HTTP resources
  • Extensible via C and LUA

Measure all activity

Long term monitoring of over 100+ traffic meters at all layers . Real Time Stabbers for live monitoring.

Flows and alerts

Store all flows, DNS names, HTTP URLs, and alerts. Pull up raw packets backing these metadata objects instantly.

Flag weird activity

Hold up your traffic against millions of blacklisted IPs, domains, and URLs. Create flow trackers which alert you when suspicious things happen at a flow level.

Ready to use reports

Trisul includes a dozen tools for historical analysis. Over 40 reports of all kinds are ready to be viewed or emailed to you automatically.

Scalable and cost effective

Trisul runs on Linux, which means there are no expensive OS or database licenses to buy. It is designed to scale to really large networks.

Dont click, automate !

TRP enables you to write small Ruby scripts to automate repetitive network analysis tasks.

What users are saying..

"I was using tshark to capture all the packets and then having to carve a 15 GB pcap down to just the packets I wanted to look at and then re-assemble the document. That particular task would have taken me around thirty minutes to accomplish without Trisul." Timothy Howard, City of Delaware

"Trisul has been monitoring our VSAT (satellite) and internet links, our team gets an email everyday with a summary of issues with our network. We were able to cut down our multicast VSAT traffic with help from Trisul" CIO - ITI Financial

"Trisul is an amazing product with a strong emphasis on network and security monitoring. Trisul's integration of the two enables us to leverage existing IDS tools and network traffic and flows into visualizations putting them in context immediately" Mark Maunu, Network Security Analyst, USA

Plugins Advanced counting and classification


Check for blacklisted traffic

Compare your network traffic against reputed public blacklists. Supported lists include : Amada, Malware Domain List, DShield, Phish Tank, and 6 others.

Learn more


Add Country and ASN metering

Meter traffic by country and ISP network. Tag each network flow by country code or combine multiple countries and tag flows that way.

Learn more


Categorized Web Traffic

Meter and tag web traffic by category such as news, social networks, video, adult, etc. Allows you to keep an eye on your enterprise traffic profile.

Learn more