This article helps with providing steps to install and use the HTTP Proxy app in Trisul Network Analytics.

To examine inside-out of Web Traffic Web traffic to identify suspicious content, which can be a spyware, malformed content, or any other type of attack and view the exact destination addresses of Hosts.

This app allows you :

• To handle HTTP CONNECT and straight through HTTP proxies (Squid and most other commonly available UTMs).
• To add a new Traffic Counter Group “External Hosts Proxy” to measure the actual Destination rather than the Proxy server IP.
• To label all flows with the actual destination host.
• To add EDGES for graph analytics.

1. You can install the app by Logging on as Admin and selecting Web Admin > Manage > Apps > HTTP Proxy.
2. Restart the probes after installing this app.

• You can view the data by selecting Retro > Retro Counters.
• Choose the counter-group as 'Proxy External'.You will get upload/download traffic by actual hostname.
• You can view the 'Edges' by selecting on any entries.
• To search for a Flows to particular target Hosts,Select Tools > Explore Flows and search expression[Example:@tag=mail.google.com@]