Tripwire Log Center is a leading SIEM solution with an intelligent interface capable of handling assets with large EPS.
The PPT describes the look and feel of the interface, some of its basic features, and how it differs from other SIEMs.
LOGON Software is the distributor for Tripwire products in India. Visit our website www.softwareasia.com to know more about Tripwire solutions.
2. Tripwire Console works in three modules:
1. TLC Manager: The server archiving and correlating logs
2. TLC Console: The interface application to connect to and manage the Manager
3. Log sources: The assets which we intend to monitor
TLC Overview
Diagram labels: Client interface for the Manager; Tripwire Log Center Manager (collects, correlates and archives logs); TLC Manager; Log sources (Windows, Linux, Active Directory, Database, Network Devices)
3. Tripwire Console is split into two views:
Events: Allows analysis and reporting.
Resources: Configuration tab for system configuration
TLC Console: Events and Resource
4. Events: Dashboards: Allow analysis and reporting, and views for administrators and end users
Dashboards
6. Events: Event Database Viewers allow navigating into the events database
Event Database Viewer: Sensors
7. Events: Event Database Viewers allow navigating into the events database
Event Database Viewer: Events on assets
8. Events: Event Database Viewers enable forensics of events by mapping events and visualizing correlation, and you can replay events at any stage of forensics
Event Database Viewer: Event Relationships
9. Events: Event Database Viewers to drill down on event priority
Event Database Viewer: Priorities
10. Events: Event Database Viewers to drill down on type of communication ports, source IP and other parameters
Events: Source and Destination Details
11. Events: Event Database Viewers to drill down on type of process
Events: System Processes
12. Events: Event Database Viewers analyze the patterns for event-time graphs
Events: Graphs and Patterns
13. Real Time Event Viewer: Shows raw and normalized events buffered for processing from log sources
Real-time Event Viewer: As they happen
14. Audit Logger: Allows querying the event database and raw logs with Google-like real-time filtering, which can be used for reporting and creating scheduled tasks
Audit Logger: Search like Google
15. Task Manager: Allows you to interactively define and create task parameters, ranging from report tasks to archiving and sanitation tasks
Task Manager: Creating Tasks Precisely
17. Report Center: Allows you to create and define reports and also to execute reports manually
Report Center: Reporting
18. Configuration Tab: Allows you to manage the Tripwire Log Center environment and its assets, logical groups and tagging
Configuration: Managing Environment
19. Configuration Tab: Allows you to manage the Tripwire Log Center environment and its assets, logical groups and tagging
Assets: Configure, Group, Monitor
21. Normalization Rules: Allow normalization of the logs and locate the events of interest in any log string
Normalization Rules: Reading what the log says
22. Normalization Rules: Allow normalization of the logs and locate the events of interest in any log string sourced by the Oracle DB Collector
Oracle Rules
23. Normalization Rules: Allow normalization of the logs and locate the events of interest in any log string
Normalization Rules: Tuning
24. Correlation Rules: Allow normalized logs to be filtered again and define a logical series of events which, after compiling logs from various sources, can become a qualified event
Correlation Rules: The Sherlock
25. Correlation Rules Creator: Allows you to define and edit a scenario using an easy-to-use Visio-based creator
1. Take a rule that sends an alert after a logon failure
2. Drag in a new condition for a successful logon
3. New condition: alert when a successful logon is detected after a failed attempt.
Correlation Rule Creator: Forensics Made Easy
26. Manager Settings: Allows you to configure log sources and parameters, such as roles, asset types, etc.
TLC Manager
27. Actions: Several types of actions can be configured to run when an event qualifies, such as sending a detailed or summary email, running a report, creating tickets for engineers, and executing scripts hosted on the server
Alert & Actions
29. For reference only
Contact Us for more details on Tripwire products
Website: www.softwareasia.com
Email: Sales@logon-int.com
Email: Support@logon-int.com