Hey, can someone help me? i'm new to the IT and have absolutly no knowledge about those kind of stuff but i have to find out about the monitoring features of Tripwire and Splunk. Can someone help me here and fill this Excel with y/n in the Splunk part and if possible add more feature that Splunk have but Tripewire not? Features Tripwire Splunk Agent-based log collection yes Logs deliverd over encrypted connection with compression yes Resiliency when disconnected from management console yes Offline data collection when disconnected from console yes Extensive platform support yes Remote log collection yes Support for multi-line log file collection yes Preservation of original log content yes High compression ratio for storage yes Ability to store logs centrally yes Ability to store logs locally yes Ability to encrypt stored log data yes Separation of logs by location yes Role-based access to log data yes Scheduled archiving of logs yes Search functionality available via REST API yes Indexed logs für fast searching yes Industry standard classification of events for fast searching yes Simultaneous, multiple results windows for comparing query output yes Scheduled reports yes lain text and REGEX searches yes Visual custom rule builder yes Extensive fields available for correlation yes Pre-built correlation rules to detect events of interest or sequences of events yes Pre-built correlation rules for compliance requirements yes Correlation with non-log data sources yes Integration with security configuration management tools like Tripwire Enterprise for asset tag data yes Dynamic correlation lists yes Integration with Active Directory for dynamic user lists yes Correlation Engine rules can execute custom scripts as an action yes Correlation Engine can store events in an accessible database yes Log forwarding to multiple destinations yes Event forwarding from correlation rules yes Scheduled reporting tasks yes Pre-built and customizable dashboards yes Correlation Engine rules can generate E-mails yes Correlation Engine rules can generate syslog events yes Correlation Engine rules can generate console notifications yes
... View more