
aries_uk

Everything posted by aries_uk

  1. Hi SupaRice,

     You most likely will have this sorted now, but for anybody else who has a similar idea I shall answer anyway.

     Products such as RSA EnVision, ArcSight, Huntsman, Q1 etc. do not offer any open-source stuff, or any demos / trials, due to the fact that they take a lot of time to set up and will only be supplied with recommended hardware etc.

     A good starting point that I would suggest, as in fact I did also: first of all, download and install Security Onion, which is a Linux distro that comes with Snort / Bro IDS / OSSEC and many other open-source software packages installed, and for the majority already configured. I am also a big fan of Splunk, and in fact a Security Onion app has already been created for Splunk, so with little effort you can get some nice graphs and information etc. from your network.

     No matter what IDS/IPS you use, you will have to think out and create your own correlation rules (which will take time), due to every environment being different.

     So depending on how you set up your lab you can have a SIEM on a shoestring.

     Thanks