Original author(s) | Loyal Moses |
---|---|
Developer(s) | Tactical FLEX, Inc. |
Stable release | 8.0
[1]
|
Written in | |
Operating system | |
Type | SIEM |
Website |
www |
Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data. [2] Aanval has been in active development since 2003 and remains one of the longest running Snort capable SIEM products in the industry. [ citation needed] Aanval is Dutch for "attack". [3]
Aanval was created by Loyal Moses in 2003 but was not publicly made available until March 2004 where it was released under the private commercial license C1-RA1008. [4] Throughout the lifecycle of the software it has also been referred to as OpenAanval [5] or ComAanval in addition to Aanval.
Aanval's had provided AJAX style security event monitoring and reporting from a web-browser. Since Aanval's creation, it has developed into an intrusion detection, correlation and threat management console with a specific focus on normalizing Snort, Suricata, and Syslog data. [ citation needed]
Several information security related books have been published that include details and references to Aanval, including "Linux Server Security, Second Edition" [6] by O'Reilly Media, "Security Log Management" [7] by O'Reilly Media, "Snort: IDS and IPS Toolkit" [8] by O'Reilly Media and in 2010 "Unix and Linux System Administration Handbook, Fourth Edition" [9] by O'Reilly Media.