Skip to main content
 
Splunk Lantern

Physical security data

 

Physical security refers to the act of restricting and monitoring physical access to an organization's facilities. Often organizations will employ keypads, card readers, biometric scanners, motion detectors and other means of controlling access to physical locations to ensure only authorized access occurs. Logs from these tools can be used to detect stolen access credentials (for example, stolen id cards, keypad PINs), forced entry, and insider threats.

Badge readers record information such as user ID, date and time of entry, and sometimes a photo for each access attempt. The data can be used to detect attempted breaches and be correlated to system and network logs to identify potential insider threats and provide overall situational awareness. It can also be used to detect access at unusual times and locations or for unusual durations.

RFID, NFC, and BLE are the three primary wireless methods organizations use today to keep track of objects and interact with customers in retail stores.

  • Common use cases of RFID are asset tracking, inventory management, even attendee tracking. Data insights from RFID can help improve overall supply chain, order processing, and inventory management.
  • NFC is a subset of RFID and is designed to be a more secure form of data exchange, and allows devices to communicate peer-to-peer. NFC is commonly used for contact-less payments, exchanging information between two parties (such as smartphones), and even badge readers that unlock doors. At the same time, organizations are adopting Bluetooth Low Energy (BLE) wireless connectivity solutions that can broadcast signals to other devices.
  • BLE is used most widely in beacons that are employed, for example, to inform shoppers of new sales in retail stores on their smartphones or to update fans on events that might be occurring during a sporting event. BLE is used to engage customers directly as they move about a specific location, which in turn creates data that can be used to optimize the customer experience.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Use cases for the Splunk platform