Latest version or release information for Aanval

The most recent release information is always available from the http://www.aanval.com/download/ page. The version, build, release name and last-updated date are always displayed for the most recent packages available to the public. A public listing of release notes (change history) is also provided.

OpenAanval

OpenAanval was originally a very simple web front-end to monitor and browse Snort event data. OpenAanval was the stand-alone, free, limited version of the commercial Aanval console before it was finally integrated in 2005. Aanval continues to support the Snort community by providing users with a free limited version of Aanval that allows full functionality of a single Snort and syslog sensor. Aanval operates in this free limited mode when no licenses are available or can be detected. Aanval was also known as ComAanval for a short period of time, before all code was centralized and provided as a single package.

Datastore

In Aanval, a datastore is a container of events that is used within the console to logically separate event data by time, by count, or by both time and count. Datastores can either be rotated manually or configured to rotate automatically, which helps keep console performance optimal.

Connect to a remote Aanval console

Aanval allows a single Aanval front-end application, in either Adobe Flex or Adobe Air, to connect remotely to any Aanval back-end installation of the same version. This is a useful option for users who may not want the web-based front end to be available from their intrusion system. It is also useful for solutions in which Aanval operation and management is external or outsourced.

Important: the Aanval front-end (Flex / Air application) must match the version of the Aanval back-end in order to prevent any unwanted or harmful effects.
To connect to a remote Aanval console, the HTTP or HTTPS protocol must be accessible between client and server. At login there is an option for "remote connection"; once it is selected, you must enter the full path to the Aanval web location, including the back-end path. In version 4 of Aanval, the back-end path was /flex/; in versions 5 or greater, the back-end path is /console/.

Example URL locations for remote connection

For Aanval version 4, this URL may be one of the following (as applicable):

http://remote.server.com/aanval/flex/
http://remote.server.com/flex/

For Aanval version 5, this URL may be one of the following (as applicable):

http://remote.server.com/aanval/console/
http://remote.server.com/console/

Advanced Search Usage

The Advanced Search interface provides a simple and powerful mechanism to quickly and effectively search and report on specific events available within the Aanval Console.

Searching

The search mechanism uses a combination of pre-defined search keywords and text search terms. Search keywords always end with a ":" and may or may not have a value associated with them. See the search help option within the Aanval console for details and exact keyword usage.

Example: The following searches return the same result sets:

attack dport:80 !virus
attack and dport:80 not virus
attack and dport:80 and not virus

GD extension / module

GD is an extension for the Apache PHP module that allows graphics and images to be created from within PHP. GD is primarily used to create charts, graphs, drawings and images programmatically on the server side. Aanval uses GD to provide PDF functionality and to build the charts and graphs for these PDF documents. The console interface (FLEX) does not require GD, and all charts and graphs provided in the console will work as intended if GD is not present. Only PDF generation (and the images associated with PDFs) requires that GD be installed.
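The three equivalent queries in the Searching section above can be checked mechanically. The following is an added example, not Aanval's own parser: the grammar is inferred only from those three queries, and the event fields, substring text matching and sample events are assumptions constructed for illustration.

```python
# Assumed grammar, inferred from the three example queries on this page:
#   - whitespace-separated terms are ANDed; an explicit "and" is optional
#   - "!term" or "not term" excludes events matching the term
#   - "keyword:value" is a keyword term; anything else is a free-text term


def normalize(query):
    """Reduce a query to (required, excluded) sets of (field, value) terms."""
    required, excluded = set(), set()
    negate = False
    for tok in query.split():
        if tok.lower() == "and":
            continue
        if tok.lower() == "not":
            negate = True
            continue
        if tok.startswith("!"):
            negate, tok = True, tok[1:]
            if not tok:
                continue
        key, sep, value = tok.partition(":")
        term = (key, value) if sep else (None, tok)  # None marks free text
        (excluded if negate else required).add(term)
        negate = False
    if negate:
        raise ValueError("negation without a term: %r" % query)
    return frozenset(required), frozenset(excluded)


def term_hits(term, event):
    field, value = term
    if field is None:  # assumption: free text is a case-insensitive substring
        return value.lower() in event["text"].lower()
    return str(event.get(field, "")) == value


def search(query, events):
    required, excluded = normalize(query)
    return [e for e in events
            if all(term_hits(t, e) for t in required)
            and not any(term_hits(t, e) for t in excluded)]


# Constructed sample events (not real sensor output).
EVENTS = [
    {"text": "web directory traversal attack", "dport": 80},
    {"text": "attack carrying virus signature", "dport": 80},
    {"text": "ssh brute force attack", "dport": 22},
]
```

All three spellings normalize to the same pair of term sets, so `search` returns only the first constructed event for each of them.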
Logos and trademarks are property of their respective owners.