Tripwire Log Center
Strengths: Integrates with Tripwire Enterprise for added analysis functionality
Weaknesses: Documentation could have included a separate user manual
Verdict: An important part of the Tripwire suite. If you are a Tripwire customer, give this one a very close look.
Tripwire Log Center captures and collects logs from several devices and network sources and stores them in their raw unaltered state for correlation and analysis. It also features log management capabilities for complete cataloguing of logs and events for compliance and forensic analysis.
We found the installation to be easy and straightforward. The software itself comprised two installers. The first is the Log Center services and database integration setup and the second is the Log Center Console. After installation all configuration and management is done through the Log Center Console application. We found this to be well organised, with an intuitive design. It can also be set up and customised with two different layouts to fit the user's specific needs.
This product can be integrated with Tripwire's Enterprise platform to add the capture of change information. The user can bring together correlation results from both Log Center and Enterprise and determine whether suspicious activity is malicious or just an anomaly.
Documentation provided with this product included an installation guide and an online help document. The installation guide illustrates all of the steps necessary to get the software up and running, with a detailed step-by-step procedure. The help file provides a great amount of detail on how to use and configure the product, complete with many screenshots and step-by-step instructions that are easy to follow. We would have liked to see an actual user guide, but this help file was sufficient for our needs.
Tripwire provides numerous support options through two plans that can be purchased as part of maintenance agreements. These include 24/7 phone and email support, product updates and upgrades, access to an online support portal with a knowledgebase, a user forum and many other resources.
At a price starting at just over £13,600, we find Tripwire Log Center to be good value for the money. It provides a decent number of correlation features, as well as forensic capabilities, in an application that is easy to use.