This article helps with providing steps to install and use the HTTP Proxy app in Trisul Network Analytics.
To examine inside-out of Web Traffic Web traffic to identify suspicious content, which can be a spyware, malformed content, or any other type of attack and view the exact destination addresses of Hosts.
This app allows you :
- To handle HTTP CONNECT and straight through HTTP proxies (Squid and most other commonly available UTMs).
- To add a new Traffic Counter Group “External Hosts Proxy” to measure the actual Destination rather than the Proxy server IP.
- To label all flows with the actual destination host.
- To add EDGES for graph analytics.
- You can install the app by Logging on as Admin and selecting Web Admin > Manage > Apps > HTTP Proxy.
- Restart the probes after installing this app.
- You can view the data by selecting Retro > Retro Counters.
- Choose the counter-group as 'Proxy External'.You will get upload/download traffic by actual hostname.
- You can view the 'Edges' by selecting on any entries.
- To search for a Flows to particular target Hosts,Select Tools > Explore Flows and search expression[Example:@tag=mail.google.com@]