* Aaron [TF]


Articles

Recent activity by Aaron [TF]
  • Datastores

    In relation to Aanval, a datastore is a container of events that is used within the console to logically separate event data by time, count or both time and count. Datastores can either be manually...

  • Aanval 9 Installation

    Introduction: Aanval has been designed from its core outward to support a broad variety of installation environments and be as simple to install as possible. Downloading and installing Aanval takes...

  • User Permissions for Sensors

    All sensors in Aanval are required to provide permissions to a user. Assigning a user or multiple users to a sensor allows those selected users to interact with that sensor. Searching, reporting, m...

  • No new events / events are not importing

    This is a tough one, and one of the most common problems we see. Aanval is an event management console, so with events being critical and central to the operation of the console, it is a common issue th...

  • How do I do a full reset on Aanval?

    Aanval's command line utility has a reset option that will reset Aanval to a new installation. It will delete all event data, reset the sqlite database, clear cache, delete licenses, etc. It cannot...

  • Can Aanval be configured to use a proxy server?

    Aanval's web-interface as well as background processing units (BPUs) are fully proxy compatible. Visit the Proxy display under the Configuration section of the console, where you can enable, select...

  • Does Aanval support Suricata?

    Yes, Aanval fully supports Suricata for both local and remote sensors, including configuration management, signatures, stopping and starting the processes and more. If you are using Suricata, you w...

  • Policies

    Policies within Aanval define the specific parameters for sensors in relation to Aanval. More specifically they manage signatures, and other important details of local and remote Snort and Suricata...

  • Tags

    Tags are a basic function of most modern systems, and are similar to labels. A tag can be attached to a host or an event, and can be used to perform searches as well as be reported on. Tags are differ...

  • Incidents

    Incidents are collections of events and hosts with a start time and end time. Incidents are an administrative function of Aanval that can be used to logically group events, hosts and notes together...