File Integrity Monitoring (Requirements 10.2.2, 11.5, 10.5.5) is a recent addition to Splunk. OSSEC has been doing that from day one, and it's free... so....

On Wed, Jan 19, 2011 at 1:27 PM, Jefferson, Shawn <[email protected]> wrote:
> Splunk does file integrity monitoring?
> ________________________________
> From: [email protected] [mailto:[email protected]] On Behalf Of [email protected]
> Sent: Wednesday, January 19, 2011 10:17 AM
> To: [email protected]
> Subject: [ossec-list] Splunk and OSSEC overlap
>
> I’ve been looking into the functional overlap between SPLUNK and OSSEC, and
> it seems that SPLUNK can accomplish many of the same tasks as OSSEC. I’ve
> used the OSSEC app for SPLUNK, so they must partner well, but I can’t find
> very many differences.
>
> In short, it seems as if someone would purchase the SPLUNK enterprise
> product, they would have a replacement for their existing OSSEC deployment…
>
> What are your thoughts? Is there room for both tools in the enterprise?
>
> Tyler Ross
