Well known GUIDs

You may need to get hold of these GUIDs when working with

  1. Trisul Filter Expressions
  2. TRP Scripts
  3. LUA scripts
You need to include the brackets in the GUID string.
You may use an online GUID generator such as guidgen to create these.

Jump to Counter Groups | Session Groups | Alert Groups | Resources | Protocols

Built in Counter Groups

1 {889900CC-0063-11A5-8380-FEBDBABBDBEA} Internal Hosts
2 {00AA77BB-0063-11A5-8380-FEBDBABBDBEA} External Hosts
3 {EEF95297-0C8D-4673-AD6B-F4BD2345FD69} Web Hosts
4 {22D4082E-B8BA-40D0-A287-1F524DF8DA7B} Email Hosts
5 {439002E4-3758-4E88-9438-8034FE1616AF} SSH Hosts
6 {AE3A1449-5663-41A5-A028-FDE61DBB7EFA} Unusual Traffic Hosts
7 {FF889910-9293-AAA5-0028-883991889884} Unleash Apps
8 {4CD742B1-C1CA-4708-BE78-0FCA2EB01A86} Hosts
9 {429B65AD-CDA4-452E-A852-24D8A3D0FBB3} Subnets
10 {393B5EBC-AB41-4387-8F31-8077DB917336} Aggregates
11 {79F60A94-44BD-4C55-891A-77823D59161B} Dir Mac
12 {4B09BD22-3B99-40FC-8215-94A430EA0A35} Mac
13 {C51B48D4-7876-479E-B0D9-BD9EFF03CE2E} Apps
14 {8AC478BC-8891-0009-5F31-80774B010086} Interfaces
15 {9F5AD3A9-C74D-46D8-A8A8-DCDD773730BA} LinkLayerStats
16 {E89BCD56-30AD-40F5-B1C8-8B7683F440BD} NetworkLayerStats
17 {A8776788-B8E3-4108-AD24-0E3927D9364B} VSAT
18 {0EC72E9E-3AD2-43FD-8173-74693EEA08D0} VLANStats
19 {6CD742B1-C1CA-4708-BE78-0FCA2EB01A86} HostsIPv6
20 {D2AAD7C6-E129-4366-A2AD-A8CB9AA4C2F4} HTTP Hosts
21 {C0C9757F-2005-4CC5-BB96-D72F607E6188} HTTP Content Types
22 {2314BB8E-2BCC-4B86-8AA2-677E5554C0FE} FlowGens
23 {C0B04CA7-95FA-44EF-8475-3835F3314761} FlowIntfs
24 {A0FA9464-B496-4A20-A9AB-4D2D09AFF902} Alert Signatures
25 {20BC4345-37F0-44D0-ABFF-3BED97363CB1} Alert Classes
26 {664D68BF-5544-43CE-A895-50F2E179EA5A} Remote Office
27 {3A597F63-29C0-44AF-A7EF-641897D68693} Organization
28 {6255BD85-2DCB-49E7-AF1F-1267AAF4DCA1} Blacklist
29 {4D88CC23-2883-4DEA-A313-A23B60FE8BDA} Meta Counter Group
30 {594606BD-EEB2-4E0B-BAC4-84B7057088C8} Meta Session Group
31 {9EFAFDD0-6CBB-4C04-8B13-2C8E0A9D3F85} Alert Priorities
32 {432D7552-0363-4640-9CC5-23E4CA8410EA} TLS Organizations
33 {5B64A573-623F-4F5B-8865-78C62BF466A7} TLS Cipher Suites
34 {15856A98-7F87-46D7-84D2-18DD549F8A6F} TLS Certificate Authorities

Session groups

1 {99A78737-4B41-4387-8F31-8077DB917336} TCP/UDP/ICMP/GRE and other flows
2 {FFA78737-4B41-4387-8F31-8077DB917336} VOIP call info

Alert Groups

1 {9AFD8C08-07EB-47E0-BF05-28B4A7AE8DC9} IDS Alerts from Snort/Suricata via Unix Socket
2 {5E97C3A3-41DB-4E34-92C3-87C904FAB83E} Blacklist alerts from Trisul Badfellas plugin
3 {03AC6B72-FDB7-44C0-9B8C-7A1975C1C5BA} Threshold Crossing Alerts
3 {18CE5961-38FF-4AEA-BAF8-2019F3A09063} Flow Tracker Alerts

Resource Groups

1 {D1E27FF0-6D66-4E57-BB91-99F76BB2143E} DNS Resources
2 {4EF9DEB9-4332-4867-A667-6A30C5900E9E} URL Resources
3 {5AEE3F0B-9304-44BE-BBD0-0467052CF468} SSL Certificates

FTS – Full Text Search groups

1 {9FEB8ADE-ADBB-49AD-BC68-C6A02F389C71} SSL Certificate FTS
2 {28217924-E7A5-4523-993C-44B52758D5A8} HTTP Header FTS

Protocols

Ethernet {974FB098-DE46-45db-94DA-8D64A3BBCDE5}
IPv4 {0A2C724B-5B9F-4ba6-9C97-B05080558574}
IPv6 {85C0CCED-DA8D-4029-924A-A6AB87F62EF8}
ICMP {7DDD65F2-A316-43b5-A103-368E700E045E}
UDP {14D7AB53-CC51-47e9-8814-9C06AAE60189}
TCP {77E462AB-2E42-42ec-9A58-C1A6821D6B31}
j