We just released Trisul 2.2. The real time stabbers from 2.1 have got a complete overhaul. However the star of this release is the Real Time Alert Stabber. I believe this the first web based real time IDS alert console. What’s even better it is written purely using open standards (no flash).

d3.js made the visualization possible

The challenge was to not only present incoming alerts but to create an effective visualization.

Animate alert activity so the screen looks alive
High level of interaction
Handle SVG and tabular representations of the same data
Create two interconnected layouts – one on a time scale and one aggregated
Cheap updates – keep redraws to a minimum
Purely client side

I stumbled upon d3.js created by Mike Bostock and I would like to say that we could not have developed such a complex UI without d3. Once you get over the initial learning curve, d3 feels so right. I have started thinking in terms of enter(),update(),exit(),data()..for all dynamic UIs now. In return, I owe it to spread the word about this great library and help out with explaining how this was constructed.

Author: Vivek Rajagopalan

Vivek Rajagopalan is the a lead developer for Trisul Network Analytics. Prior products were Unsniff Network Analyzer and Unbrowse SNMP. Loves working with packets , very high speed networks, and helping track down the bad guys on the internet. View all posts by Vivek Rajagopalan