This document provides a feature-wise comparison of ManageEngine EventLog Analyzer and TripWire Enterprise. The comparison is based on the information available on the competitor's website, so the details may differ from the actual product.
ManageEngine EventLog Analyzer is a comprehensive log management solution that helps you meet your SIEM needs. The solution centrally collects, analyzes, correlates and archives log data from sources across the network, which helps simplify your compliance management. It also has a built-in File Integrity Monitoring module that helps protect the confidential data in your network.
Tripwire Log Center, on the other hand, is a log intelligence solution that collects, analyzes and correlates log data. However, to meet other SIEM needs, such as protecting confidential data, it requires integration with its SIEM platform, Tripwire Enterprise.
Feature Comparison
| Feature | ManageEngine EventLog Analyzer | Tripwire Log Center |
| --- | --- | --- |
| Agent-less | | Not Specified |
| Agent based | | |
| Cross platform log collection | | |
| Heterogeneous server/device support | | |
| Import logs | | Not Specified |
| Periodical import of logs | | Not Specified |
| Log filter | | |
| Universal Log Parsing and Indexing (ULPI) | | |
| Log collection and processing rate | 20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. | Not Specified |
| Windows event log | | |
| Syslog | | |
| Any format – with Universal Log Parsing and Indexing (ULPI) technology | | |
| Amazon Web Services (AWS) EC2 Windows instances | | Not Specified |
| Proprietary applications [Microsoft IIS Web Server, FTP Server (W3C logs), Apache Web Server, DHCP Windows, DHCP Linux] | | |
| Database applications [Oracle Audit, MS SQL Server] | | |
| Any application – with Universal Log Parsing and Indexing (ULPI) technology | | |
| Custom devices [IBM iSeries (AS/400), VMware] | | |
| Custom devices: Firewalls; Intrusion Detection System/Intrusion Prevention System (IDS/IPS); Anti-virus application; Mail and web application; Vulnerability Scanners; Unified threat management solutions; Symantec DLP Application; FireEye; Symantec Endpoint Solution | | |
| Real-time alert | | |
| Notification – Email, SMS, Run program | | Email & Run Program: Yes; SMS: Not Specified |
| Compliance alerts | | Not Specified |
| File Integrity Monitoring | | Provided under TripWire Enterprise (TLC can be integrated with TripWire Enterprise) |
| Canned reports | | |
| Custom reports | | |
| Scheduled reports | | |
| Report distribution via Email | | |
| Reports in PDF, CSV & HTML formats | | (Also: XLS Format) |
| Drill down to raw logs | | |
| Filter using mouse gesture | | |
| Management specific reports (Ask ME) | | |
| Trend reports | | |
| Privileged user activity monitoring reports | | |
| Advanced Search using Boolean, Wildcards, Grouped Search, Range search, Phrase search | | |
| Formatted logs | | |
| Raw logs | | |
| Save search result as report | | Report: Yes; Alert: Not Specified |
| Canned reports | | |
| Customizable report | | |
| Reports for new compliance | | Not Specified |
| PCI-DSS | | |
| ISO 27001 | | Not Specified |
| HIPAA | | |
| FISMA | | Not Specified |
| SOX | | Available in add-on: HP ArcSight Compliance Insight Package |
| GLBA | | Available in add-on: HP ArcSight Compliance Insight Package |
| Event correlation | | |
| User Session monitoring | | |
| Reports on File Integrity Monitoring | | On integration with TripWire Enterprise |
| Report Scheduling | | On integration with TripWire Enterprise |
| Real-time alerts upon critical changes to files/folders being monitored | | On integration with TripWire Enterprise |
| Audit trail reports on files/folders changes | | On integration with TripWire Enterprise |
| Flexible periodicity | | |
| Flexible retention | | |
| Secured (Encrypted) | | |
| Tamper-proof | | |
| User based views | | |
| User based dashboards | | |
| Rebranding | | Not specified |
| Realm & user based access | | |
| Active Directory based user authentication | | |
| RADIUS server based user authentication | | |
| Easy to install | | |
| Web based Client | | |
| Bundled database (PostgreSQL/MySQL) | | |
| Windows & Linux platforms support | | |
| 64 Bit support | | |
| Appliance based | | |
| Based on number of servers, devices & applications | | Based on volume of log data handled. |
| Annual Subscription Model | | |
| Perpetual Model | | |
| Cost | Server/application based licensing. Annual Subscription License Premium Edition 10 log sources pack starts at $595 (Including 1st year AMS). Yearly renewal includes upgrade, maintenance, and support. | Not specified. |