* Aaron [TF]

Articles

Recent activity by Aaron [TF]
  • What is an incident in Aanval?

    In Aanval, an incident is a collection of events and hosts with a start time and end time. Incidents can be used to logically group items together to form an administrative "Incident" that allows f...

  • How do I update Aanval from the command line?

    Updating Aanval from the command line is simple in Aanval 9. From your Aanval installation's /bin/ directory, run the following command: php console aanval:update Additionally, you can force an upda...

  • What ports do the SMTs communicate over?

    The Sensor Management Tools (SMTs) communicate with the Aanval console via standard web protocols over TCP port 80 (HTTP) or TCP port 443 (HTTPS) depending upon how you have the URL for your Aanval c...

  • Event Suppression

    One of the more simple yet powerful features of Aanval is the ability to temporarily suppress events matching specific criteria from displaying within Aanval. Suppression is intended to limit clutt...

  • Frequent Events

    In Frequent Events, Aanval gives users the ability to view the most frequent events from the active datastore. This view may be sorted by both frequent (descending) and infrequent (ascending) event ...

  • Background Processing Unit (BPU)

    The Aanval Background Processing Unit (BPU) is the fundamental background processing system that performs all core functions of the Aanval console outside of the web browser. The BPUs perform the f...

  • Event Validation

    Aanval includes a powerful false positive prevention engine that performs real-time analyses of events against customizable network, device, and service definitions. False positives are the number ...

  • OpenAanval History

    OpenAanval was originally a very simple web front-end to monitor and browse Snort event data. OpenAanval was the standalone, free, limited version of the commercial Aanval console before it was fina...

  • Sensor Management Tools (SMTs)

    Sensor Management Tools (SMT) enable the management of local or remote sensors within Aanval. SMTs are required with all Snort and Suricata sensors for both local and remote installations. More spe...

  • What is Aanval?

    Aanval is a commercial Snort, Suricata, and syslog intrusion detection, correlation, and threat management system. Aanval has been in active development since 2003 and remains one of the longest ru...