Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data.
[2] Aanval has been in active development since 2003 and remains one of the longest running Snort capable SIEM products in the industry.
[3] Aanval was created by Loyal Moses in 2003 but was not publicly made available until March 2004 where it was released under the private commercial license C1-RA1008.
Aanval's had provided AJAX style security event monitoring and reporting from a web-browser.
Since Aanval's creation, it has developed into an intrusion detection, correlation and threat management console with a specific focus on normalizing Snort, Suricata, and Syslog data.