Tripwire Log Center Interface Overview
![Page 1: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/1.jpg)
Overview
www.softwareasia.com
![Page 2: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/2.jpg)
Client interface for the Manager
Tripwire Console works in three modules:
1. TLC Manager: the server that archives and correlates logs
2. TLC Console: the interface application used to connect to and manage the Manager
3. Log sources: the assets which we intend to monitor
TLC Overview
Collects, correlates and archives logs
Tripwire Log Center Manager
Windows, Linux, Active Directory, Database, Network Devices
TLC Manager
LOG Sources
![Page 3: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/3.jpg)
Tripwire Console is split into two views:
Events: allows analysis and reporting.
Resources: configuration tab for system configuration.
TLC Console : Events and Resource
![Page 4: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/4.jpg)
Events: Dashboards: allow analysis and reporting, and provide views to administrators and end users
Dashboards
![Page 5: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/5.jpg)
Events: Dashboards: customizable layouts
Dashboard views
![Page 6: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/6.jpg)
Events: Event Database Viewers let you navigate the events database
Event Database Viewer : Sensors
![Page 7: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/7.jpg)
Events: Event Database Viewers let you navigate the events database
Event Database Viewer : Events on assets
![Page 8: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/8.jpg)
Events: Event Database Viewers enable forensics of events by mapping events and visualizing their correlation, and you can replay events at any stage of the forensics
Event Database Viewer : Event Relationships
![Page 9: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/9.jpg)
Events: Event Database Viewers let you drill down on event priority
Event Database Viewer : Priorities
![Page 10: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/10.jpg)
Events: Event Database Viewers let you drill down on the type of communication ports, source IP and other parameters
Events: Source and Destination Details
![Page 11: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/11.jpg)
Events: Event Database Viewers let you drill down on the type of process
Events : System Processes
![Page 12: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/12.jpg)
Events: Event Database Viewers analyze the patterns in event-time graphs
Events : Graphs and Patterns
![Page 13: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/13.jpg)
Real-Time Event Viewer: shows raw and normalized events buffered for processing from log sources
Real-time Event Viewer : As they happen
![Page 14: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/14.jpg)
Audit Logger: lets you query the event database and raw logs with Google-like real-time filtering, which can be used for reporting and creating scheduled tasks
Audit Logger: Search like Google
![Page 15: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/15.jpg)
Task Manager: lets you interactively define and create task parameters, ranging from report tasks to archiving and sanitation tasks
Task Manager: Creating Tasks Precisely
![Page 16: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/16.jpg)
Task Scheduler: lets you automate the tasks
Task Scheduler: Manage, Monitor, Automate
![Page 17: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/17.jpg)
Report Center: lets you create and define reports and also execute reports manually
Report Center: Reporting
![Page 18: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/18.jpg)
Configuration Tab: lets you manage the Tripwire Log Center environment and its assets, logical groups and tagging
Configuration : Managing Environment
![Page 19: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/19.jpg)
Configuration Tab: lets you manage the Tripwire Log Center environment and its assets, logical groups and tagging
Assets : Configure, Group, Monitor
![Page 20: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/20.jpg)
Configuration Tab: lets you manage the Active Directories
AD: Integrating Active Directory
![Page 21: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/21.jpg)
Normalization Rules: normalize the logs and locate the events of interest in any log string
Normalization Rules: Reading what log says
![Page 22: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/22.jpg)
Normalization Rules: normalize the logs and locate the events of interest in any log string sourced by the Oracle DB Collector
Oracle Rules
![Page 23: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/23.jpg)
Normalization Rules: normalize the logs and locate the events of interest in any log string
Normalization Rules : Tuning
![Page 24: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/24.jpg)
Correlation Rules: allow normalized logs to be filtered again and define a logical series of events which can become a qualified event after compiling logs from various sources
Correlation Rules: The Sherlock
![Page 25: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/25.jpg)
Correlation Rules Creator: lets you define and edit scenarios using an easy-to-use, Visio-based creator
1. Take a rule that sends an alert after a logon failure
2. Drag in a new condition for a successful logon
3. New condition: alert when a successful logon is detected after a failed attempt.
Correlation Rule Creator: Forensics Made Easy
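The normalization and correlation steps described on these slides, sketched as an added Python example (not Tripwire Log Center's rule format or API): raw log strings are normalized into events, then a rule alerts when a successful logon follows a failed attempt. The sshd-style sample lines are constructed, and the regex, the five-minute window and the function names are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sshd-style sample lines (not taken from the slides).
SAMPLE_LOGS = [
    "2024-05-01T10:00:01 host1 sshd[411]: Failed password for alice from 203.0.113.7 port 50122 ssh2",
    "2024-05-01T10:00:09 host1 sshd[411]: Failed password for alice from 203.0.113.7 port 50124 ssh2",
    "2024-05-01T10:00:20 host1 sshd[411]: Accepted password for alice from 203.0.113.7 port 50130 ssh2",
    "2024-05-01T10:05:00 host1 sshd[502]: Accepted password for bob from 198.51.100.4 port 40100 ssh2",
    "2024-05-01T11:30:00 host1 sshd[777]: Failed password for carol from 192.0.2.9 port 41000 ssh2",
    "2024-05-01T12:45:00 host1 sshd[801]: Accepted password for carol from 192.0.2.9 port 41010 ssh2",
]

# Hypothetical normalization rule: one regex that extracts the fields of interest.
LOGON_RULE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)"
)

def normalize(line):
    """Turn a raw log string into a normalized event dict, or None if no rule matches."""
    m = LOGON_RULE.match(line)
    if not m:
        return None
    return {
        "time": datetime.fromisoformat(m["ts"]), "host": m["host"],
        "user": m["user"], "src": m["src"],
        "event": "logon_failure" if m["result"] == "Failed" else "logon_success",
    }

def correlate(events, window=timedelta(minutes=5)):
    """Alert when a logon success follows a failure for the same user and source within `window`."""
    pending, alerts = {}, []  # pending: (user, src) -> timestamps of unresolved failures
    for ev in sorted(events, key=lambda e: e["time"]):
        key = (ev["user"], ev["src"])
        if ev["event"] == "logon_failure":
            pending.setdefault(key, []).append(ev["time"])
            continue
        # A success closes the sequence; only failures inside the window count.
        recent = [t for t in pending.pop(key, []) if ev["time"] - t <= window]
        if recent:
            alerts.append({**ev, "prior_failures": len(recent)})
    return alerts

def run(lines=SAMPLE_LOGS):
    return correlate([e for e in map(normalize, lines) if e])

if __name__ == "__main__":
    for a in run():
        print(f"ALERT {a['time']} {a['user']}@{a['src']}: success after {a['prior_failures']} failure(s)")
```

On the sample data only alice's logon raises an alert: bob has no prior failure, and carol's failure is older than the window.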
![Page 26: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/26.jpg)
Manager Settings: lets you configure log sources and parameters such as roles, asset types, etc.
TLC Manager
![Page 27: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/27.jpg)
Actions: several types of actions can be configured to run when an event qualifies, such as sending a detailed or summary email, running a report, creating tickets for engineers and executing scripts hosted on the server
Alert & Actions
![Page 28: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/28.jpg)
End of Slide
![Page 29: Tripwire Log Center Interface Overview](https://reader034.fdocuments.in/reader034/viewer/2022042514/558ec1a91a28ab29778b473f/html5/thumbnails/29.jpg)
For reference only. Contact us for more details on Tripwire products.