|Original author(s)||Loyal Moses|
|Developer(s)||Tactical FLEX, Inc.|
Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data. Aanval has been in active development since 2003 and remains one of the longest running Snort capable SIEM products in the industry.
Aanval was created by Loyal Moses in 2003 but was not publicly made available until March 2004 where it was released under the private commercial license C1-RA1008. Throughout the lifecycle of the software it has also been referred to as OpenAanval and ComAanval in addition to its current and registered trademark name Aanval.
Aanval's original success was in providing AJAX style, security event monitoring and reporting from a web-browser. Since Aanval's creation, it has become an intrusion detection, correlation and threat management console with a specific focus on normalizing Snort, Suricata, and Syslog data.
Several information security related books have been published that include details and references to Aanval, including "Linux Server Security, Second Edition" by O'Reilly Media, "Security Log Management" by O'Reilly Media, "Snort: IDS and IPS Toolkit" by O'Reilly Media and in 2010 "Unix and Linux System Administration Handbook, Fourth Edition" by O'Reilly Media.
- Intrusion detection system (IDS)
- Intrusion prevention system (IPS)
- Network intrusion detection system (NIDS)
- Aanval - Download Archived December 7, 2015, at the Wayback Machine.
- Aanval - Snort & Syslog Intrusion Detection, Correlation and Threat Management
- aanval - Wiktionary
- Aanval End-User License Agreement (EULA)
- Comments ≈ Packet Storm
- Aanval - Press and Media Archived August 8, 2011, at the Wayback Machine.
- Linux Server Security, Second Edition: Safari Books Online
- Security Log Management: Safari Books Online
- Snort: IDS and IPS Toolkit: Safari Books Online
- Unix and Linux System Administration Handbook, Fourth Edition: Safari Books Online