Card Entry Access Data

asofo
Path Finder

Has anyone successfully indexed access data from a swipe card entry system? Specifically Honeywell. I understand this can be done by a database connection for historical data, or an API for real time data. I have zero development experience so I'm not 100% sure what I would do with the API they provide. Any help would be appreciated. Thanks!

muebel
SplunkTrust

I'm guessing the card reader is on the network? Does it have a REST API? I'd consult the documentation in that case; it's usually pretty easy to get started with the examples there and work up to extracting the information you want.

As domenico_perre mentioned, if the reader has or interacts with some sort of database, you could possibly utilize the DBX app in order to set up database inputs and ingest that data in Splunk: https://splunkbase.splunk.com/app/2686/

This sort of thing seems to fall under the "Internet of Things" umbrella talked about here: http://www.splunk.com/en_us/solutions/solution-areas/internet-of-things.html

In particular, this software http://info.kepware.com/idf-for-splunk is supposed to be able to interface with Honeywell devices and inject the data out of the box. It costs some amount of money, but has a free demo.

Let us know how it goes!

asofo
Path Finder

Thanks, I will have a look. The vendor did say they would give me their API, so I'll start there. I'll let you know how I make out. Thanks!

0 Karma

domenico_perre
Path Finder

If it is in a database, look at DB Connect. That's a good start.

If you don't know, then look for files with a modified date of today to see where it's writing to.

0 Karma
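
The "files modified today" check suggested in the reply above, as an added example that is not part of the original posts: a Python script that walks a directory tree, lists files changed since local midnight (newest first) and counts them per directory, so the folder the access-control software is writing to stands out as a candidate for a Splunk file monitor input. The root directory is an assumption; pass the software's install or data directory as the first argument.

```python
import os
import sys
from datetime import datetime


def files_modified_today(root, now=None):
    """Return (path, mtime, size) for files under root changed since local midnight, newest first."""
    now = now or datetime.now()
    midnight = now.replace(hour=0, minute=0, second=0, microsecond=0).timestamp()
    hits = []
    # onerror swallows unreadable directories instead of aborting the walk
    for dirpath, _dirs, names in os.walk(root, onerror=lambda err: None):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # file is locked, or was rotated away mid-scan
            if st.st_mtime >= midnight:
                hits.append((path, st.st_mtime, st.st_size))
    hits.sort(key=lambda h: h[1], reverse=True)
    return hits


def candidate_dirs(hits):
    """Count today's modified files per directory, busiest directory first."""
    counts = {}
    for path, _mtime, _size in hits:
        d = os.path.dirname(path)
        counts[d] = counts.get(d, 0) + 1
    return sorted(counts.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    # Assumption: the directory to scan is given on the command line
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    hits = files_modified_today(root)
    for path, mtime, size in hits:
        print(f"{datetime.fromtimestamp(mtime):%H:%M:%S}  {size:>10}  {path}")
    for d, n in candidate_dirs(hits):
        print(f"{n:>4} file(s) changed today in {d}")
```

Running it twice a few minutes apart and comparing the sizes shows which of the listed files is actively growing.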

asofo
Path Finder

Thanks. I will check it out.

0 Karma