* Aaron [TF]

  • Total activity 93
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 0 users
  • Votes 0
  • Subscriptions 47

Articles

Votes on activity by * Aaron [TF] Recent activity Votes
  • Advanced Search

    Aanval's search mechanism is important to understand, as it is a powerful console management tool in addition to the basic functionality of searching and reporting. There are two primary ways to ac...

  • Adding a Snort or Suricata Sensor

    Summary Aanval defines a sensor as an instance of Snort or Suricata which is configured to output alert details in unified2 format. Aanval requires a running instance of Snort or Suricata, and this...

  • How do I delete Aanval's web cache?

    Aanval uses a web caching system to increase console performance and minimize as much wasteful resource consumption as possible. Cache location Cache for Aanval is located in the /var/cache directo...

  • How do I update Aanval without an Internet connection?

    We've included the --local option for our manual updating command with Aanval 9 that allows users to locally provide the update package that Aanval will use. Preparation First, you will need to obt...

  • SMT (Sensor Management Tool) Installation

    Installation The Sensor Management Tools are responsible for sending Unified2 events to the Aanval console. Additionally, they enable the management of IDS engine services and signatures from withi...

  • User Permissions for Sensors

    All sensors in Aanval are required to provide permissions to a user. Assigning a user or multiple users to a sensor allows those selected users to interact with that sensor. Searching, reporting, m...

  • Providing alphabet and stamp keys for license generation

    What is an Alphabet and Stamp key? Aanval 9 requires console specific details in order for a compatible license to be generated. Licenses are specific to each console installation. After purchasing...

  • How do I do a full reset on Aanval?

    Aanval's command line utility has a reset option that will reset Aanval to a new installation. It will delete all event data, reset the sqlite database, clear cache, delete licenses, etc. It cannot...

  • Can Aanval be configured to use a proxy server?

    Aanval's web-interface as well as background processing units (BPUs) are fully proxy compatible. Visit the Proxy display under the Configuration section of the console, where you can enable, select...

  • Does Aanval support Suricata?

    Yes, Aanval fully supports Suricata for both local and remote sensors, including configuration management, signatures, stopping and starting the processes and more. If you are using Suricata, you w...