¿events · '¿¡events immingle ©key changes july 2010 to present: - inferre datda from b3m...

'¿events

Events Product Centre

SECRET STRAP1

^events Agenda

tì Welcome ölmmingle ©Salamanca fcQFDs ©Guiding Light ß Questions

SECRET STRAP1 - tis? --> IGCHQ

'¿¡events IMMINGLE ©Key changes July 2010 to present:

- Inferred data from B3M now flagged - Updates to handle identifiers from HARD ASSOC and B3M

correctly - MAINWAY: MSRNs now grouped and flagged in same way as

SALAMANCA - MAINWAY: direct access to event details provided - GPRS flagging - THUGGEE rules applied to SALAMANCA

events

SECRET STRAP1 IGCHQ "

'¿events IMMINGLE

Ujktv riji.1: ! i j in l i i T T j fag M I L 1 [

HI P A N E 1 3 ( 1 1 * 0 JiCFnaM/ [TBS 3

H Î J ¿Ut! I Ci"-' l imimi

D d e f l a i g «

Siai b a û 11 friF-.ihi.ji, -r I 11 A /i&siln Ï I I Lij ÙC\ LI'j -=-j

Fri-i I Trrtiy f 1 4 f fW Pfìl | fiS" !=i) -L-

Cvcnl Oolvc-cs

p jALAVAW^i I " DIM I t "ATiTJA r -\AMrmTr P MÀI HnTftFlîlW CULTWiîAW:

I» hitiirjwj^v li li- i

f P"i t«ivipii(.i P i f»

r~ HAPD ,*£tOC tJ ie-3 Ic lirvi

-rt.iJr.Mj .;• sl 'c".ai.^j Mil bi A A

Hrïtiur - _ i I r. - ( "1 " !• r-n " r-vr-.fìà -"irt.-vjr-=i p b ^ m ir;-"..1 I hi g ì ^^^ f l f t ni ih^r /}•

Seed t n v 1H( i c t i t ] b IK

fttH jrri I ^pt:

. R i d i l i Sîiî^tcJ

• - FilLiin ¿11

i= i-VLiNt I " «Mai

f t a : r i » k

n IMEI r - - H t x

•Jiur £ f t f n i l i u f ie

F i-ma >cA]

Cn r i ch iKn l j o u r c c i

rv anO"D OAK

f? LUHlHftULTrtVt r i r-_Lir.D

^ 4 MAINWAY options and Help pages

~ FRîEFQRH

jEaup Fi'" —.iLi-f.i'. I Tgnplaif L ^ f .

A i . VH pir-i I

r^ CffJtoiG FOWL

g f t t o A l I Dreflrì^-ìJfl-- I

V isuc l i ia l io i i Options !-• I I nrj if iy a : Ta i MIÌ H" ¡-. tu- P«? m.» I lu;. ! Jr>- I jrt= f n ^ - i ' - . T ^ v r i f Z ^ Fìa^ riunii ini ^ I Ttz ude nftn t^i i deriiftef i

R ii.-rrirTMjj

G2C Unly

" h i l t «- i iy ko HiUSTORIUU f v j

F ina-t^thei Î? Snony r MI

POACMbVSUWnMJi H Tf b •• ^.'ifti-i^Trt " p i u

^ II 1

SECRET STRAP1 Ci GCHQ

»¿events IMMINGLE

GPRS flag and count

X \ \ \ 2 \ i / / n_VMALAVSIA\V \ _ ^ —, - f 11 SS" tJ l-vytag/raio orsi

• v i Q > r f l V 7 L I ^ / l U / k Ü l l J < 0 3 / 1 0 / 2 0 1 0 O Q ' " «

^ « M A I fl\A02/10/apIO O 5 , - , . . • * I N í ^ A I A M A r , t ( i : ¿ I " ñ t U I K H l K r i . H I— t. CT/--1 A . O S . J ^ i _ J

r~ 11; e , f a s c i a : I 5 i u : " - • - • - A Í A V ' I I : I O , Ö 3 E P H I H , I I I H i l — " M W i - i Bh -W I riM'k V ^

. J i r i r f A 6 0 1 2 2 \ • ¿ M A L A V S 1 A M \ \

• 02/10/2010 : I T T Ö S ^ M m Ä ^ l a C T g s c i r ö e

v i . A C C I A : 2 1 M A I H W A Y I I : 1 , F A S C I A : 3

, - J, . - - 1 1 ' ~r*-

^ ^ i f t f r t c t / p n T-rt n y r s o ^ _ • -

. ^ • O Z / 1 Q / Z O LO_ 1 1 ttj/ZQVD n 3 : 3 4 ö

Ì j i l A I N W A V I I t 1 7 , F A S C I A : 3 3

— — j " M Ä l f J W A V I i i ^ J T A ! ~r*~ • y

— 1 / 1 0 / 2 0 I O 1 0 ; 3 7 L ü 1 2 : 5 2

" - • d o 1 / 1 D / 2 0 1 Q l •

^ M A I N W A y i l ; U > S A L A M A N C A : U , h

\ Tt tg/tiò/an 10 12ris 1 _ \ ~'--m M Ä i f e f v ^ a V 1 1 : 3 . S a l a m a n c a : :

< 1 V A Ci I 2 0 1 0 • < UhArf l i ' i '

< J A V I I

G P R S E v e n t s : 8

S A U D I A R A & I A ^

5 Ê Ê D a O E N T I R I Ê R

/ /A Al 1 \ \ 2 / 1 0 / 2 C J 1 U O a LíKJ"

A i N W A : H r ; í i J ^ í T s c i a i a V2010 03:29 - V2Ü10 03 ¡32 •' I W A Y . I ^ I S ^ F A S C J ^ Í 2 5

2 0 1 0 0 e.: 4 7 X

J A Y I L ; , r A ï Î l A ; 1 2 ' : / ih/I im/Vi ni i t -4:1 IV r

• Diasoui-ce Text KAINWAï l l , Z A M A N C A , JQCT..,

• BROAD OAK fe N . Text Wo

• ( 3 * 5 Last Sean Tati: 26-09-211 IO Ü7:*3,02 • QPS.5 First îeen Text ¿4-D»-¿0lu 06:31:07

• BROAD OAK '5h-=rr, TbíI: I

• BROAD OAK rtea , Tgxt Saudi Aramca2VP Special Assign.,. _ ( i f i i V i r V n i » i M i i m j i i r t i 11.


»events IMMINGLE ©What next?

- FASCIA GPRS flagging - HAUSTORIUM decommissioning

-Next Gen Contact Chaining trial....

O N EXT GENERATION / f p | R E S T 0 R M

SECRET STRAP1 € I G C H Q "

tì events BRIO and SALAMANCA

t Key changes since July: « NRT (Near Real Time) Storage = 3 days « Extra feeds from TERRAINS at BUDE and

SOUNDER e 2nd Party usage of SALAMANCA: SHAREOWN

replaces ESCHAR « CallAnsweredState and CallEndState added to

TERRAIN-SALAMANCA feed

SECRET STRAP1

'¿events BRIO/SALAMANCA (cont.)

öPakistan NGN inferencing errors GCsMH VllErOIDlE InicliiBl L:!h icGI n --¿¿i

1. t i V " h j i l;:*r ("TV

- 1* ¿- ; • £ . 3 ' fits- ¡4 v"| 1 • ••••

UuUgetiA*

"h a ara tg i i ï t rK cubaçij

hìpkkhj - iiftvuetc amiiiisw. ^ththj^i

I rigirar pvprir fì'v Wjtft* i-rifif, liti"- "nni^Uvr-T- lit ïnr '"lin 1 CiiLttr rSL'j '.11. jld -ILI L 'j J'J-.d.

He n 1131-Jt r.

PO. r- i . "I UIULA. -ÌJ JT v . VIJ J- re;

•itI'll LfllUJT'LT

imcsnqf: ) I,HJIT( fife fT1-' Or:re i"rrïiA<

• ä n iitfl

'¿events QFDs

SECRET STRAP1 -

IGCHQ "

se vents Scaling

^Current scale - There are 100 unique bearers feeding the BzS

tools. - Consistently averaging over 30 billion events

per-day into the input buffer. • MB is loading over 10.5 billion • 6 months data retention for MB = 1,890,000,000,000

records and requires 400 TB. • Total storage of over one petabyte.

SECRET STRAP1 - ® -

ICCHQ

'¿events Scaling

% Future Scale - Further 58 bearers by end of 2010 - An additional 40 bearers in Q1 2011.

• MB will ingest over 20 billion events per day requiring one petabyte of storage.

• Overall storage will increase to 2.5 petabytes. - Scope scaling to 400 bearers.


GJ

...

i n f i m i = MOT

KARKA POLK

MEMORY UOL

MUlùfJI h - u

H i SAwyEL

Pi " H i i- 4v lK l | i«(*gy

iinfcj.5 15 * tìn | i

1 'i ryi'F ni II»? TTl lyv* yim iff " i

iBt iyye v'ahoo-Y^Ciofis

So I k

T i e l i h l w i w I.It-111 in Villi"' ' V-1- flihl»

SOCIAL fitiLMAL

JOCIAL MJThf iOro i l

Y.ilin MkK j|$T4|f

TDFM.ìii^ vshoo-V-L:ackJE fyim "DI fifraj)» [Jspr De-scityiinir-is 5 ì i h u&e-name urine vaino! i. serene slftagec n.THeu»m3nne

is ine I r a t i il : t in? «haaiB-r>iall t i i i r e i s {evefyfMfig u ^ i t t f i e • If ft* citar i* "ir » [vimary domain- ; i ' ì ;.flf •Minar.- ifir.al.-i i^c- 9 S 9 9 R 9 S S

JHRliijHHi SMHHHWIMMiH" ' r m ore IrtìHjn

pcinnarp,f sì cnriaiy (Ionia insj.llt PW battìi, P<e iKetnaime j epe ira se f j i f lgrchf *Y=h t o j - i ; i l- ii ";'[>" arie ri, mrtncanea uthg | sinrtp ? jubsffluton code cahfd ROTI 3. Tìib OFDs Biitvtnatolly b i ^kau t l t e rtflEijarl 3i i t ofiiB cgol-ie ani) ( jm¡baticintoi i lahi ¡je^iiir u i i ìs j T D fa 'ràUco-Y-Ofl«l«ls isenwgmjafl iagirU s t r i i m . d ItiHiKisiibl«; HLIL i.S..! td-si autsblv Viliool irsJsnt m g s ^ j n ] • ifrntn+ifli (ha f v /gh bnT^Ffu

f n i h t i iìitiì.- Irfi.rrrmirri s b a s i i h snft, iwompifte, o> unhiipfm.ptuMfl email r:nfl :firTirin 2 .ìnr-wiìir.

HF^AL llllEIv ']• Il -1 .il II IJ Y-lll4fl V voilklp f- -11= •-"-

Numi- •9 E>cP/rjno>Y-CoJkii_0

1 . t

ti i ,il i H.77"

a be to ti-ne b b a f j t J pr t the ¡¿. d i i JDMi

SECRET STRAP1 I G C H Q "

^events Samuel Pepys^j '¿ Pull through and upscaling of TR SPs.

-Currently 43 bearers. • 14 from TR SP • 29 additional bearers from TPS (generating HTTP, TDI,

Websearch, FTP and Squeal). • Circa 40 additional bearers just generating Squeal.

-Approval to increase aperture to 100 bearers for all data-types.

-Approval to increase user numbers to 200.

SECRET STRAP1 - w -IGCHQ

SOCIAL ANTHROPOID

SECRET STRAP1 -

ICCHQ "

'¿events

©What is Social Anthropoid? -SOCIAL ANTHROPOID is a converged

comms database. It will allow you to see when your targets have communicated via phone, over the internet, or using converged channels (e.g., sending e-mails from a phone or making voice calls over the internet).


'¿events ©What about the existing comms data

bases? -When SOCIAL ANTHROPOID contains all

the necessary data and has all the core functionality of the legacy tools Social animal, HAUSTORIUM and SALAMANCA will be de-commissioned.


»¿events s What data is in Social Anthropoid??

- All of Salamanca data (telephony) - Social animal data. - Instant Messenger.

- Webmail. - SIP & H323 VOIP - Yahoo Voice - Blackberry

- MMS - SMS (from Salamanca and other sources)

- GTP (GPRS session set-ups) - And more..

SECRET STRAP1 S ä ^ l i ^ • I lvi\-rl CJ

'¿events

©What about SMTP, POP3 and IMAP? -Starting to receive these data types now -Capability deployed as part of HeartBeat

11.

SECRET STRAP1 ICCHQ

»¿events nf""

Saved queries

To. have Ha'v'ed guenes.

Tes:.

« Queries will ne aLtonstica l"y sutmffegj :o i l l ins:anc:s o'SOCIA. ¿MHRO:OIDj SOCIAL A\K'AL anc Convergec SOCE^L ANIMAL.

t F c nu Ik qLeridfj entar nr ult;p le selacto'i (cn= per I in 3),

> If allcw /' i l : cards is t i i e c . 3 is treated as a m±i-character >\i!dca': (e g, paul^ t> II match p^ i l . 23 , psul'.Ee, p=uli5yaho& cot wi I matci 3ut

Ll~il ke o:her QFCs _ and v have _o sieiial mea-.irg :uarv fur a i te ra l ; sign. urchec< 'al ow "ildcarcs ra:her than 'esi^pinc' he "•.ildcarc.

• By defautj resuts ^il 63 retuTe: in which /our nput salector apDears ir ether he User ^ 0' _ser B cil.jmn (in SOCIAL AV^AL term; is the 'Ector1 o':he 'sujjec:' with n "he event).

To i f t u n nesjl:;'- n M i i ^ |nur salector apjears m l / a s tns a i ^ e user, iic< U"e Quary active use'; an { chec-;bo:>:

» Frc-tend prccessing ronra ise; Z2C seiezhrs ir varicus ndjding Ire rerrov-a o ; dcts from :he uiernamas c : '"mai addrassas, To :e: Gmai remits, /o jw i l l neec to

nsnra ise your cusries in tha same wa1.- (e g., searc" f c r l ^ d ^ y G y i k ^ i . c i i i instead cf bad .™Gma- l . cc i i } . Snncil fcef ignores the dDts so there s nc danger of ge+thg everts f o ' t h : wronc azccjn:

If n doubt, consult loael Z2C. tach ax,

Mi'anda 2014C

I lCFno ' ty & Fumose

HS A JLstificatmn testing

Search period (cp:oia tD 7i te ' resu ts by rratifec selectors nri:r to d salay

• ¿Ihm i.-i IHr=rH;

j 3 je'y ¿c:iva usars only

I* Seve Query Su l imit guery

SECRET STRAP1 ^ w -

^ C C H Q

»¿events C2C ' : J i , r | l . l K Ù i i l HÌÌilJjMI

J « r A IJsr r A ''of» tvPD U i t r A

Jw A

in-nn-Actii/e Urti&fi

tha: •••l'i!«

.cicalai source

FlKort

i l -OLI

41. li i til

TSJiiiv

LOCOtlli

S D U K I

E3I1 II rr

Pj-fll-l-na i r a Atlllin:

TiiHiAr^

l o c i t n iQllprf

O »<*

Lli f r A l l i i p l t f

/•al'!'- lU'iii-

L i i r f l U i t r l tdLC t jTP

Uicr D liJil- b U<cr(J ran di fp l i j r 1 ' ' T

Arti u h

Ufi ¿ iHtr i i

ir l -1 nln> : r h » j - norvr ^ J iLc" • n

f . is iUts i u i n m i r y

Jlctifln

ft ist

rHul

char

chat

i^lflit

A c ? T ' y [ ) A )l Ls&fJ1,

nness ìd^

UE* ATr f l J i * r&Bn | U i f l fB

rpi-ir-s-tj-i

nfiiisas?

ma-

nriBi caijs

chat nr>s j i i ¡)t

chnt mtifag-f nh. r rn ' in r j i» chat |

chat msiiage chat I niBssagi chat rriDisagt

[hotm?! cjjiti

|l»I fWJSmifcflffl

| riuirfusN.crc

• l ' rtQlmai I Jr

J ' j ivictrr^ i .it

J i lhuxmai ,-or-g

? nnjil

i l l l'i i u IVII

j n kn a LW-n

hotmjsil,:am inlfinwn

il'n-imjul.Lirg

USflr F, First Sedii L i i t Seer* CO'jrti

o:-Jul-: i i s

" Ti . iTfi-ill, hir •

JlfljSiHiitiOt i

c rn-si I

J N L-FI • LV n

irnail

14(01 11 Ì ^ M .

za-Aug-ioi n - f l i i g rJ t i i

J-4-0.' r - i f l < 7a - Or!-?fl 1 ' 1/5: "irti.dji 15;fV]:f!

ee-gct z g i t 15:57 :<--:*, "Minti i ia I l -Jun-IOK Li-JUJl-JDK 10:Jfi lW 18:14:53

lUi i inUB W;? iu t3

UlcJD:?* L S i i l i M

3J-Ocl-£CI L 10 2 i I I - Lh«L event ( v ln loF i l i v r ) , ¿ i t l ^ r a r s

PiiO» I r.f | F - • 7, I • ; i.h-nntjc O'drr Di pta^ ,r• nr.™tr; C.VJ E^pnr*

Tor^ini-cl I litri

Tt-I t llC'Hifl

C ntjiÌ7 srr. CAu.nt Marina

SECRET STRAP1 IGC HQ "

n t S telephony Santhropoid

V Q - ' I 1 M I. ^ ^ •" Reni t i | ftfll |

Hier rt ro l f U i i f fi l y p i ( k e r A U s t r i MX U ï t r fr

llipi1 n jmtr iMr i 13 lypr i l?«" E vs:u= display nani e

User B IH ft r M raw j j ì I i ip

display name

03-Nflv-2lHO - telephony eveiÉ (cilcibòJ), 2 » I t i t a h , doiuban: UdiODiOfc

i t t i r ^ ^ ^ ^ P H ^ ^ J i 1 ! . ! nuarboi

Artian: ..irli n e w Arli.-ip type:r.3=l

nnVnnivn - -hI 1 tn4_nnmlior

L K i t t r t :

S-ource Point-lode: £•()'•-I J Destination PoJnt-Eole: ÌD0SZ

FÎHore

1PLTI i.mfisr

Û3-N<ftK20LB 17:31:19 - telephony event (plabat)r 2 ve l i eter i . d-irat'on: 00:00:06

J l PLIULKJ-J A: Li li ii: :_ir k ' i r A d m i t l^pLvi..: i

uiK.rio—11 :all ljol_nur iLh -

I «Ldlur».

l ' i l i TLC rullìi. lu i l t ! : 6Q741 Detti l i JUUN FUlHl C o i t i jSC^

EUtìhr

u i - r - d v - i u i u i / : j : j - idephony evens ( H o i u l j , £ l e l t t u n , deration: IMtUKDA

u» rr d_: n iLm Ait imi: yr l Action t j p t ; g; !

•jn^no^n ïdll WjuifnbÉf

LkHùttrn

S-ourcc Pornt lode; E0"-1: Destination Point CoJcîîûOS;

EMore

di il mi h i niImLtii

T

di ¿1 e J tel njrnhîr


126V6n tS Convergence - GTP tunnel y 1 : 1 usili:-, ^ ^ ^ S 3 f . , ^ ^ ^ M ill •.

U w r A Lypr User A U t r r A raw value User B ra l r User B tppr dt ïplay nom?

Usr r B Hi r r T

Oser H ran v d u t d i i p lo f name

fi l -Hfiu-Jt) I il rn I li : CI fi - | tanni-1 f V T . t (qtp; , .1 « f l f f t n r t

Aft inn: r.r**h« ftrt nr typ* : hiPir.nl

o-îatc tuniìrl imii

i ' iStf tunn»l t i Lwmber

r-.itft tunriiil hlj|tiibf!ir) (i ¡fl_pm

LUdLurv; Source IPY+; I source SnsnAddress:I

[a ' V L u n r r q c i i L E M d

Tt-is j > r r l Trprcsrnt.- trcit ion 'jTF t u T t (

view el e"' e nts fronri iri.; ^T? t-jn ne I

Itlriurtr

^ i j t e tunnïi imsi

crsïta turns! tal^numbsr

Lf rate tunrtri bla either^ iritJ airi

Lri . l i n n : 5t r r r SDurre 'nnnA.ddrn'S'tl

L I' U>nvrr i )<nt t bold:

T i s ewsrt reprtîefib the creeborp o* G TP t u - r f l iitfw iil riv-riK frddi ltn% -"tT^ fiiiiilf I

l'ila1: L " t r V J i ii J pi II i

Destination IPV4:I

(t l-Mnv-JIII (1 fl 4: >11:1(1 — tunnel puf nt ( i j tp l , .1 <f lpr tnr< Att ive user Ite _nu"nbc •)

Occl I nation IPV4;|

rot_jvoilihlc

rtrt_»vailsble

•ini dv^iildhlr

ti

roLavalabto

rot_ava!lifcl4

rot ¿vûilablc

SECRET STRAP1

not j v j ì I j I i I c

not ^vml jb l - :

mi l .ivullolili-

m p i w i i h M c

not j v a i l j b i g

not j v j i I j I i I c

IGCHQ "

ntS Convergence - Leaky Gateways £ .-Ml-I -, j" - fl r^ 1 ill^ M ' y : » K

User A l l « r A t yp L- [ K t r A

I t i c r A r an u«lu*

usar ft d l i p h y f iM lA

LUer Ë n i *

U i c r ï t r p « U « r l User it ram uni u#

User H

MniE

Ì 4 - 0 E t z o l d i r h u î mer ArHnn: sird

in=' i r w - imurmjiii *u»f i i 1,'ABrKij. !. Ì 4 - 0 E t z o l d i r h u î mer ArHnn: sird

H i U s ï i l c ; 1 :ir " ' 1 ^ H X-hoMiiVlHSI) Ì 4 - 0 E t z o l d i r h u î mer ArHnn: sird Arthaft type: r - i i t t -n-

fr-S rri- HMHniMift ^ ^ ^ ^ ^ ^ ^ ^ r i l i i n i . i um fifU '1 11| ¿1 •! 1ITJI 1 i l j ^ M

IxiLrttnrir üdurtc ir>W4 D c i G l ü t t n nv

i ro l iq : i . l urn

l î lMùï

?4-Qtl-201tì 06:11:57 - «leb m i l l - l i e n l (yaPiL>4). S ì4>Il-ì lori. U f r U A r c o d T i l O w n i r

I cbu ib sfrr'iJ Action ï^iti-, i f r t i i i ge

Flr;m Unirawn

L Iii ill urM source

lîJMurc

t'y Ahn il. carri

De i t i nailon IPV 1:1

I -' 1 I' if i f [ 1 KK-fiuawei-lHSri

Frsn JnfcnaNTi •SyahaB.eam

? ì - a r t - i 6 l l l IH:1 0: L b — «gbmall event ( y a h u ) , S « l e t t v i A iLCiijr.tOn

A eli un: sciid Action iyjtei mr js ;ge

fi-; m

U t i t s n : Cour t« j m ; |

O ^ o r e

Uri-rs^n wyat iCB. ioni

|]|'M,Ili.plinti i r Y t J

tVi th in?! : ) t y:-hu bv< si - ] MS ["•

Fro^ Jrttnrjwn

?4 nI • m i l l «ft. I [I: | h wt-hiu.iil i-vt-Hil (/ni lnip), 5 or l i t i Mrs It [Uve er U s A <?o u r IjUw n e r b'ùchinoCr) |(KtlUJH47Ì 1MÏ1)

SECRET STRAP1 Ci IGCHQ "

ee ¡ve nts OSN j l \ S o J d ( » i J .

j f Qvi£| f ¡apt il1 dsiil • P «-Mill-.: i jn F- ^ S H tf " ili'. ^ ^ B n . .ss I Hoc ^ i-flli' l i u r A type J t c r A U i p f / i f a n w i l u t j s s r B r d p Ust r B t v M UserB

f i ip iAy narnr l i s e r a r M val up

i J i t r t i t i t p l t y n.*ma

l ì Jul » i P Ü l 4 b 4 Z - SOCIAL A M H A L t u B n t {FJccbvokX ? j c l n i t o r i Ar t iue i u « r i par iboo- ' -mci Hi l inn: yh i t Ai l i nn tyi.Ef: íHiií'-'jíiye

Füíha all-Lid f iM-tr i ci- -ijìH

Lecutaí í I

Bouree 1PY4: 1 RjMorí1

I V I u l - S O N I Z l : 4 I t * Z - s n i |AI AMNAI. einMtl <P«t<* lw i t ) , ? n í l r r . i o r í lUll'.'C m e i | K F K i t M k - l J i ) Ar t i ani 4 ¡Oí Actrcn typcL LKÌI-

alia 5 u i t r Faeffca.ol(-uid email ^ B ^ p ^ j j ^ ^ ^ S

t r.r fltnrt:

• Mu re

1 5 J u l 2 0 I C 21:11:37 U K IAL A M l A L evont Ì F a c c h o o k l 2 w i n t e r * Active m e r : | pae.tb&ay-ujf'i A i t i lui; chat ALUton tvi iwi i i i i s i j j t

F tHh t t lM l l l l FtMbAòk'Uìd 1

ILO C i t o f t ;

S f f i K í JPí J:

0 M u r e

] . t - l u l - / l l I I I y \ 41:3,1 -S I1 I . I AI A M ^ A I eiísnt (FflcfthùtikX ? w l * f W r s

A tuve i H t r ] Action: ch i t Action type; m t ^ i j e

SECRET STRAP1 € I G C H Q "

»events ©Looks good, When can I have an

account? -Santhropoid is currently in the second

stage of UAT. -We currently have 200 users representing

all areas of the business. -Aiming to be in a position to release

Santhropoid to the masses in early January.


'¿eventsNew data source^ © LUSTRE - new data-source available in MB.

Good for North Africa.

©Source field - This will enable new non-routine data-sources to be added to the QFD's. - CNE - JTRIG - GLASSBACK data used for test case. - COLLATERAL

SECRET STRAP1 IGCHQ

'¿¡events New Loaders

a New loaders deployed to MB and HR Map, improvements to KP. - Latency of the data in the QFDs has been greatly

reduced, now around 12 hours. • Each instance of MB can now ingest 8 billion events per-

day (total 32 billion)

- Some QFDs were previously 1-5 days behind. - Query performance during loading has also been

improved.

SECRET STRAP1 - ® -

ICCHQ

'¿events

GUIDING LIGHT QFD

Presented by (Guiding Light SU)

SECRET STRAP1 GCHQ

events what >s GUIDING LIGHT?

a New QFD developed in August 2010 by TDB-Events.

a Primary objective:

"To understand the traffic seen on the Next Gen Events bearers."

SECRET STRAP1

§ events what can it do for me?

General Questions: £ Given a case notation, what are the TDI types that

are found on it?

e Given a TDI type/subset, which bearers produce the highest number of events?

e What type of traffic is on which bearers and where is it coming from?

Which bearers provide the most amount of traffic type x from place /?


»¿¡events Front End Interface

GUIDING LIGHT

From Date To Date

[ c u s t o m ^ 'J1-NOV-2010 C u s t o m T 01 -NOV-201 0

Bearer e.g. GWUKC1 51 % Event Type e g. %facehook%

Country Digraphs ( u s i n g ISO standard )

Query Type Count r^A Country 8 Mill Event Count

From A to B j ^ J

Note. The % wi ldcard character represents 0 or more characters.

Daily Counts

•

Source Type?

~

Bsarers Countr ies Event

Types Full Profile

SECRET STRAP1 ICCHQ F

'¿events Results - Full Profile Query

Resul ts

fiv L «¿«¡Ith) i&senc-s

t äisni-e tiesenie fe1<?r;-

f_f use nee ": ' "TfcSftfiGft . . . -

.J. -jffifit HihHIIty ' •JS-Ljfferbi •

n Tes-erit-o

riv tesence •y f_f ipieroe

n_r mnprifiii i: issoroo [esente n'esente

'¡ir_| 'i!!;i!iii:i: Ssfcl hìhh™ E 5 51 (li •-¿il, : esente

( fiesenie

-les eni-e

: li ;:M l

= J. 3 lesent-o

iiy- t isìGnc-a "3Ü iflsr? •

C'esente - -.< st_f efer? '

'I::;I:III:I:

Urlqinalior c:ourir : e s: - at i1: : jn

ni. ntrv F"i(3t

l-ÈL^wy E ¡iji-iut" ivi-w E Lt nef • Canee- ji:e

•| I rerri- —yir j" 11 fliiriivinn ~."i irln, ; • Si n^'lhilinn ":-. .rtr

B EvcrtGoui:

Fn=Pö lìlii !i ili ! I lì- il ili ! -i! im cih PK F-:' 11 = SR

S E C R E T S T R A P 1 ^ G C H Q ^

Dour:e Olt? [)ef '?r ^ • ¡ ^ Ì F M I . ; : •5,51 : =fl i,si7 zie 1,oc:175 j ' i ì t l ; j1

Sj= 1 2-.. ¿1: jftji 1 1 P.7 jf l . l i '?? =?n le:E3Ì 1-1= 73S m: 1 | j ssfij 1LJ Ut

ì : iti r- n i f i 77?

V.Ì _JL>

¿ji .q Zii :i i ® ;= "is

IT! 1 = : '6 1 = . j t i 1 1 Ì l i

3 3J;

E-EP'} E EP'J) E-EP'} 11 t ^ -I- LI L • -I "J E " i r a f VT^J 11-PO F -•. =Pi") E-EPI) E S EPÌ> E | EPO1

t S 11 - Kil L . -l'Li r - : p n r - -pn F 'i-PO L- * zi-1'.) I i "KU L • .! W : " r e i r J "nrj F 5 "Pi") F =p.") E^FP'J E-EPO t j - KU 11=HLl L s .1 "J

r ì "pò F1 =P."> F i=|S) EiEPO E15 EP'I1

t jjj zP'J h -< ro L • .! 5J : •:p; i r J "nrj F fi "Pi")

ÌE zìo f i ?iri f-^-ìf, J- "71 •11 733 s:

i : ¡aè 11 - in i i =m

l i -lulLjnhur KiHlLHrihiir C iell?nhir-

[<J leltjnliiir" C ielt?nhir-

f.'iei!?nhiir i: iei;?nHar" i" iftlfinhir r.inliinhnr

lr" ii!l! nti;j|-rc lulUnhur CiHlLjiihìti' C lellsuhir-t ìelLinli-sr" C ielt?nli^r" f.':elt?nhar i: ielt?nhar i'.iftl^nhar" i.inlhnhnr e ìollsnhar" C ielt?nlisr" C,jieit?nhar i: iell?nhar r.ìfiliihhsr

K n:l! :nhi)i -11:11 S01I-

IC'inlLirihiir Ö iHlisiiliiir-

U; ìelisnliir" C ielt?nh^r-

f.'ielt?nhiar i: ìel[?nhiir r.iftllinhar

-irli |H-":-|i:ll :nhiji C l«|[j|lh:jr £ leüsnhüi-C leltsnhir-

<: ielt?nlisr" C,jieit?nhar i: iell?nhar r.ìfiliihhsr

K'iiil! ¡rihijr (":-niil :nh;ji

'l = lu Ol- ' . 'CÌÌ I fcl -JL LUI. i y^-invrL-rhcn rü^-ifJ'-T r-rrrri Vlifi.7 '( .-mim k1i:::: i 'i ji:r yms; SP-IN-rE-Frui

\ ; ìoo-Mes-se iqai S C_ Ul MfM L-i re ri V=IOÜ-D-I:

irjoi-f Fhrn PK' MH-IN"! t-i-ien ~PH'

loo-tK'uoU? l . i Vric-c-v-'.ic:-: ì LJ

"TE-F PI": F-I 'pr :' "i ^nrKlfi n-.'

|!;l-; ::<[ii.i Y '••.! i..=; Y .'iiiu R e iiihi : L. Ì Vs IUU-Y- t L-3

c PK Si nhsr-BiH^i-;- !Jsei-ùxisn L.J aH-IMul t-Hcn Z IÈL wa v :jo(ile.com.cl= LJ OT = ispr T5-C nc._ T-U ieh-713 ?ni i . |

Pi; vaw : inibii: curii Ltv

': ', " OH ! I. PK iP-IM-rE-Ficn FR

= us-er-Cjjks L-i hLiSI ^b-tl-ll:-: ;Ji-yihar-UINIJJ. J-Li5er*i!er1 LJ

T?r \i\' fi =• SF:>IFT=P Fu ri

TViuu-B-C JUÜ i Y? iöü-Y-JC:*: Ì \ ; ìoo-u-tjous

'¿events Event Types Sections

Results Pivot: Event Types

1 Event Type Event Count

Yahoo-G-Cookie 3,370,1573

Yahoo-Y-Cüökie 2,682.201

WEBLOG 2,51 0,571

SiP-INViTE-From 874,563

HOST_REFERER 430,600

YMSG 364,400

Sip 345,876

Yahoo-Messenger 337,035

w w w google ;orr i .pk 72,410

Google-PREFiD-Oookie 71,337

Simbar-SiMBAR-User-Agent 58,653

www.goog le cum 38,747

EXP_Shoppe : repor ts -SRSJT-User -Agen t 33,847

Facebook- t_user -Cook ie 21.664

Yahoo-S IP-RE G ISTER-From 1 6.444

www.binG.coin 14,485

c l ien ts l .goog le .com.pk 14,893

SIP-REGISTER-From 14,020

Yahoo- B-Sel -Cookie 11,720

D o u b 1 e C1 i c h- i d-C o • ki e 10,107

Yahoo-Y-Set-Cookie 8,631

MG-MUID-Cookle 7;222

Yahoo- login-Method-Body 6.064

Google-Earth-TNe 6,005

SECRET STRAP1 - tì? -

ICCHQ

http://www.google

http://www.binG.coin

events Results Pivot: Countries (From) t iounLry, b c u r c r

l-Tl liSi.lt! qus-," Si I.II i I y i :

l_L Ccuce JÌ:Ì 0 titcltl U Cvcri Tvss 0 L triduiLLU O E »siiieiion Co. r:*, 0 tvti i UuwA

LtipnaflioiiOouiilry U^sliiutioii Jointly U s i « bvsiil GOIMI! PUT UC J5C K§

^ id-1 C'll " i r ò 15: - a f.l' - N - F D •• -;»:-

K~ | io; IN i nw I;N T7i ("•H kfif IL

f.P - =, =PC. i j . i

Hi-.' = H=PCl T; I-K -H' IF = =i=F("i vjf

nzh't.' -•1 j r HI.1 t F i ==; =PC. f CT E C.r. ==; =PCI

F" j HI-' ==i-P("i n 1 ip = =i =PC. I

IPO I = T=Pfl ; # i ^ t

li'-1 ; u: I1 -5=P("I i7r •O se Uf = =j=PO • ^

I3C 1 ."M-: r- < = T-PCl i?F in?

IR 7- i II ==-pfi • 7

F S =;=pfi tf i?r 07


events Recent Enhancements

«Data from Bude (RPC) -Including data from SWORDPLAY

©New fields - PDDG - SIGAD - SSDG

SECRET STRAP1

events Future Enhancements

Near future: « Adding BROAD OAK Targeting data ® Incorporating MI functionality from

REFORMER (where appropriate!)

«Adding more feeds. (Ongoing)

Longer term:

« Adding Cipher and eAD MI information ffl Linkage into ARTEMIS (or its successor)

SECRET STRAP1

»¿events Any Questions

?

SECRET STRAP1 -

ICCHQ F

¿events · '¿¡events immingle ©key changes july 2010 to present: - inferre datda from b3m...

Documents