Security

Card Entry Access Data

asofo
Path Finder

Has anyone successfully indexed access data from a swipe card entry system? Specifically Honeywell. I understand this can be done by a database connection for historical data, or an API for real time data. I have zero development experience so I'm not 100% sure what I would do with the API they provide. Any help would be appreciated. Thanks!

muebel
SplunkTrust
SplunkTrust

I'm guessing the card reader is on the network? Does it have a REST api? I'd consult the documentation in that case, it's usually pretty easy to get started with the examples there and work up to extracting the information you want.

As domenico_perre mentioned, if the reader has or interacts with some sort of database, you could possible utilize the DBX app in order to setup database inputs and ingest that data in splunk. : https://splunkbase.splunk.com/app/2686/

This sort of thing seems to fall under the "Internet of Things" umbrella talked about here : http://www.splunk.com/en_us/solutions/solution-areas/internet-of-things.html

In particular, this software http://info.kepware.com/idf-for-splunk is supposed to be able to interface with Honeywell devices and inject the data out of the box. It costs some amount of money, but has a free demo.

Let us know how it goes!

asofo
Path Finder

Thanks I will have a look. The vendor did say they would give me their API, so I'll start there. I'll let you know how I make out. Thanks!

0 Karma

domenico_perre
Path Finder

If it is in a database look at db connect. That's a good start.

If you don't know then look for files with a modified date of today to see where it's writing to.

0 Karma

asofo
Path Finder

Thanks. I will check it out.

0 Karma
Get Updates on the Splunk Community!

Splunk is Nurturing Tomorrow’s Cybersecurity Leaders Today

Meet Carol Wright. She leads the Splunk Academic Alliance program at Splunk. The Splunk Academic Alliance ...

Part 2: A Guide to Maximizing Splunk IT Service Intelligence

Welcome to the second segment of our guide. In Part 1, we covered the essentials of getting started with ITSI ...

Part 1: A Guide to Maximizing Splunk IT Service Intelligence

As modern IT environments continue to grow in complexity and speed, the ability to efficiently manage and ...