[[Trisul : Open source network metering and forensics]]
 
Trace: » Trisul : Open source network metering and forensics

Documentation

Install Guide

Run Trisul

Web Trisul

Trisul

Frequently Asked Questions

Get it

Trisul project at Sourceforge

Download

Support

Bugs

Latest News

14-Oct-08 New build 187 - Stability fix, new chart types, performance fix !

Trisul Development News

Trisul : Open source network metering and forensics

Trisul meters bandwidth usage, monitors flows, and stores raw packets for future analysis. All traffic data is stored in a SQLITE3 database. It communicates with the outside world via the Trisul Remote Protocol (TRP) and via a Ruby-on-rails application called Web Trisul. What sets Trisul apart from other monitoring tools is its drilldown capabilities (show me top hosts using ICMP at 5AM this morning, etc).

Some applications of Trisul

  • Remote probe for network analyzers
  • Source of statistical and flow data
  • Standalone web based traffic monitor
  • Forensics
  • Network Security Monitoring

Trisul is created by Unleash Networks and is dual-licensed under the GPLv3.

Details of GPLv3 Unleash Networks

Features

Traffic meterMeters bandwidth usage per IP, Protocol, Subnet, etc. Historical usage stats are stored in a SQLite database for future retrieval
Top N monitorContinuously tracks the top contributors to traffic by IP, Protocol, Subnet,etc. Historical topper statistics are stored in a SQLite database for future retrieval
DatabaseAll data is persisted in a SQLite database. This allows data to be retained across system reboots or application crashes
Optimized Memory ModelA sophisticated memory model allows you to handle high volume networks without eating up memory endlessly
Flow monitorTracks TCP/IP flows in real time and stores them in a SQLite database
Raw DataArchives raw data in a ring file for later re-analysis and forensics
Trisul Remote ProtocolAllows real time remote monitoring and drilldown. Used to communicate with Unsniff (or other analyzers which support the TRP protocol)
Web TrisulA open source Ruby on Rails application that can be run alongside Trisul. This setup will turn Trisul into a web based network usage monitoring program like ntop. Web Trisul uses several new technologies like AJAX and SVG Charting to minimize rasterization load on the server

Development Highlights

Link Details
Multi Core Testing 1 An iterative process driven by measurements to optimize Trisul for multicore processors. This first installment uses the Intel Thread Profiler to look at the internals of Trisul threads.
Trisul Architecture Block diagram of important functional elements in the Trisul system.
 
start.txt · Last modified: 2008/10/15 10:30 by vivek
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki