I've just installed AlienVault, hooked it to the network SPAN-port and learned how to do tickets etc.
It's quite basic and very understandable. However, I've got a few issues.
Can I re-brand AlienVault easy? Give it our companies looks 'n feel? Change the logo, colour style and what not.
Also the alerts etc are done by numbers (0 being low and 10 being the highest). Is it possible to associate a string to it? 10 being critical or something like this?
Last question (it might be a bit misplaced with the other questions) but, I am having issues seeing my VLAN traffic on this SPAN-port. I do notice it in a tshark dump. But AV doesn't detect this.