OSSIM (Open Source Security Information Management)
Is designed to correlate logs and alerts to minimize false alarms with intrusion detection.
This is on the feature request list. We hope to eventually work our way back to it, but it may not make it into the 1.2.0 release which we are currently trying to finish up (the migration from RedHat 9.0 to Fedora Core 2 took a significant amount of time).
Thanks for the feedback.