Monitoring Splunk

Splunk vs Tripwire

New Member

Hey, can someone help me?

I'm new to IT and have absolutely no knowledge about this kind of stuff, but I have to find out about the monitoring features of Tripwire and Splunk.

Can someone help me here and fill in this Excel with y/n in the Splunk part and, if possible, add more features that Splunk has but Tripwire does not?


Agent-based log collection: yes
Logs delivered over encrypted connection with compression: yes
Resiliency when disconnected from management console: yes
Offline data collection when disconnected from console: yes
Extensive platform support: yes
Remote log collection: yes
Support for multi-line log file collection: yes
Preservation of original log content: yes
High compression ratio for storage: yes
Ability to store logs centrally: yes
Ability to store logs locally: yes
Ability to encrypt stored log data: yes
Separation of logs by location: yes
Role-based access to log data: yes
Scheduled archiving of logs: yes
Search functionality available via REST API: yes
Indexed logs for fast searching: yes
Industry standard classification of events for fast searching: yes
Simultaneous, multiple results windows for comparing query output: yes
Scheduled reports: yes
Plain text and REGEX searches: yes
Visual custom rule builder: yes
Extensive fields available for correlation: yes
Pre-built correlation rules to detect events of interest or sequences of events: yes
Pre-built correlation rules for compliance requirements: yes
Correlation with non-log data sources: yes
Integration with security configuration management tools like Tripwire Enterprise for asset tag data: yes
Dynamic correlation lists: yes
Integration with Active Directory for dynamic user lists: yes
Correlation Engine rules can execute custom scripts as an action: yes
Correlation Engine can store events in an accessible database: yes
Log forwarding to multiple destinations: yes
Event forwarding from correlation rules: yes
Scheduled reporting tasks: yes
Pre-built and customizable dashboards: yes
Correlation Engine rules can generate e-mails: yes
Correlation Engine rules can generate syslog events: yes
Correlation Engine rules can generate console notifications: yes