Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk vs Tripwire

okonswn
New Member
‎12-23-2020 03:12 AM

Hey, can someone help me?

i'm new to the IT and have absolutly no knowledge about those kind of stuff but i have to find out about the monitoring features of Tripwire and Splunk.

Can someone help me here and fill this Excel with y/n in the Splunk part and if possible add more feature that Splunk have but Tripewire not?

 

FeaturesTripwireSplunk
Agent-based log collectionyes 
Logs deliverd over encrypted connection with compressionyes 
Resiliency when disconnected from management consoleyes 
Offline data collection when disconnected from consoleyes 
Extensive platform supportyes 
Remote log collectionyes 
Support for multi-line log file collectionyes 
Preservation of original log contentyes 
High compression ratio for storageyes 
Ability to store logs centrallyyes 
Ability to store logs locallyyes 
Ability to encrypt stored log datayes 
Separation of logs by locationyes 
Role-based access to log datayes 
Scheduled archiving of logsyes 
Search functionality available via REST APIyes 
Indexed logs für fast searchingyes 
Industry standard classification of events for fast searchingyes 
Simultaneous, multiple results windows for comparing query outputyes 
Scheduled reportsyes 
lain text and REGEX searchesyes 
Visual custom rule builderyes 
Extensive fields available for correlationyes 
Pre-built correlation rules to detect events of interest or sequences of eventsyes 
Pre-built correlation rules for compliance requirementsyes 
Correlation with non-log data sourcesyes 
Integration with security configuration management tools like Tripwire Enterprise for asset tag datayes 
Dynamic correlation listsyes 
Integration with Active Directory for dynamic user listsyes 
Correlation Engine rules can execute custom scripts as an actionyes 
Correlation Engine can store events in an accessible databaseyes 
Log forwarding to multiple destinationsyes 
Event forwarding from correlation rulesyes 
Scheduled reporting tasksyes 
Pre-built and customizable dashboardsyes 
Correlation Engine rules can generate E-mailsyes 
Correlation Engine rules can generate syslog eventsyes 
Correlation Engine rules can generate console notificationsyes 
0 Karma
Reply
Get Updates on the Splunk Community!

Index This | When is October more than just the tenth month?

October 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What’s New & Next in Splunk SOAR

 Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us for an ...