Monitoring Splunk

Splunk vs Tripwire

okonswn
New Member

Hey, can someone help me?

I'm new to IT and have absolutely no knowledge about this kind of stuff, but I have to find out about the monitoring features of Tripwire and Splunk.

Can someone help me here and fill in this Excel sheet with y/n in the Splunk part and, if possible, add more features that Splunk has but Tripwire does not?

 

| Features | Tripwire | Splunk |
| --- | --- | --- |
| Agent-based log collection | yes | |
| Logs delivered over encrypted connection with compression | yes | |
| Resiliency when disconnected from management console | yes | |
| Offline data collection when disconnected from console | yes | |
| Extensive platform support | yes | |
| Remote log collection | yes | |
| Support for multi-line log file collection | yes | |
| Preservation of original log content | yes | |
| High compression ratio for storage | yes | |
| Ability to store logs centrally | yes | |
| Ability to store logs locally | yes | |
| Ability to encrypt stored log data | yes | |
| Separation of logs by location | yes | |
| Role-based access to log data | yes | |
| Scheduled archiving of logs | yes | |
| Search functionality available via REST API | yes | |
| Indexed logs for fast searching | yes | |
| Industry standard classification of events for fast searching | yes | |
| Simultaneous, multiple results windows for comparing query output | yes | |
| Scheduled reports | yes | |
| Plain text and REGEX searches | yes | |
| Visual custom rule builder | yes | |
| Extensive fields available for correlation | yes | |
| Pre-built correlation rules to detect events of interest or sequences of events | yes | |
| Pre-built correlation rules for compliance requirements | yes | |
| Correlation with non-log data sources | yes | |
| Integration with security configuration management tools like Tripwire Enterprise for asset tag data | yes | |
| Dynamic correlation lists | yes | |
| Integration with Active Directory for dynamic user lists | yes | |
| Correlation Engine rules can execute custom scripts as an action | yes | |
| Correlation Engine can store events in an accessible database | yes | |
| Log forwarding to multiple destinations | yes | |
| Event forwarding from correlation rules | yes | |
| Scheduled reporting tasks | yes | |
| Pre-built and customizable dashboards | yes | |
| Correlation Engine rules can generate E-mails | yes | |
| Correlation Engine rules can generate syslog events | yes | |
| Correlation Engine rules can generate console notifications | yes | |