Splunk is a software platform that helps organizations search, monitor and analyze data from various 3rd party sources. Verkada allows users to build out efficient workflows to push information from their Command organizations into their Splunk instances through a built-in integration.
Integrating Verkada with Splunk allows you to centralize and analyze your video surveillance data within the broader context of your operational data, enabling better insights and decision-making. This implementation can be used to bring in people and vehicle counts across all cameras in your organization, as well as device notifications. This article will outline the step by step process to setup Verkada’s Splunk integration.
Integration prerequisites
An active Splunk instance with administrative access.
Org admin permissions to your Verkada organization.
A valid Verkada API key (learn how to generate a Verkada API key here).
Detailed breakdown
1. Start by downloading the Splunk Enterprise software from their website (https://www.splunk.com/en_us/download.html). If you already have a Splunk Enterprise account installed and setup, proceed to step 4.
2. Select the corresponding installation package depending on the operating system you are running (Windows, Linux, or MacOS). We recommend downloading the .dmg package for an easier setup process.
3. Once the Splunk Enterprise package is installed, open the application. This will redirect you to a Terminal or PowerShell window which will allow you to create your account credentials (username and password).
Note: You will need to use these credentials later on to log into Splunk and set up the Verkada integration. Following the creation of your account, you will receive an email to verify your account, make sure to check your inbox and complete this step before moving forward with the setup process.
4. The Splunk application should open automatically after setting your username and password. Log in using the credentials you set up in step 3. If the Splunk Enterprise window does not open, navigate to the following URL to login: http://localhost:8000/en-US/account/login?return_to=%2Fen-US%2Fapp%2Flauncher%2Fhome
5. After logging in, you will be brought to the Splunk home page. This is where all of your applications for various integrations, including Verkada, will be managed and configured. In the top left corner of the page, open the “Apps” dropdown menu and select “Find more apps”.
6. In the search box, enter “Verkada”. This will return two applications, but make sure to install the Verkada application that has been most recently updated, called “verkada add-on”.
7. Click the install button for the Verkada app and enter your Splunk account credentials to verify your account. Once you enter your credentials, click “Agree and Install”.
Note: These credentials are different from those created in step 3. To install the app, use the email and password used to log into your general Splunk account (https://www.splunk.com/).
7a. If the above install method does not work, there is an alternative way to download the app by following this link: https://splunkbase.splunk.com/app/6971. Click on “Download” to download the Verkada add-on application.
7b. Once the package has been downloaded, navigate back to your Splunk Enterprise account and go to the “Manage Apps” section, found under the “Apps” dropdown menu. In the “Manage Apps” page, click on “Install app from file” in the top right corner of the screen.
7c. This will bring you to a new page which will prompt you to choose the install file for the application you are looking to add to your Splunk instance. Click on “Choose File” and find the recently downloaded file in your Downloads folder named “verkada-add-on_110.tgz”. Select the file and click “Upload”.
8. Once the app has been downloaded, you will find the “Verkada Add-On” tab on your home page under the “Apps” section.
9. Click on the “Verkada Add-On” tab. This will redirect you to a new page which is where you will be able to set up and manage your Verkada integration.
In your Verkada App page, select “Add Input” in the top right corner of the screen. This will allow you to create two different types of inputs.
The first option, called “verkada_insights” will provide you with the object detection information for each camera in your organization. At regularly scheduled intervals, it will display the count for both people and vehicles that were detected, and the associated timestamp for those counts.
The second option, called “verkada_notifications” will provide you with the full list of all notifications generated by your Verkada devices.
Depending on the use case you are looking to accomplish with Verkada’s Splunk integration, create a new input for either verkada_insights, verkada_notifications, or both.
Note: if you are looking to generate results for both options, you will need to create two separate inputs for each feature.
10. Once you have selected your input, you will be prompted to choose a name for your data input, the time interval in seconds for each processed input, the index (recommended “default”), your Command organization ID, and your Verkada API key. Once all this information has been added, click “Add”.
11. Once you have added this new data input, it will be visible under the Verkada app’s “Input” tab, with the corresponding name that was chosen in step 10.
12. You can verify that the integration has worked by navigating to the “Search” tab and entering ‘source=”verkada_insights”’ or ‘source=”verkada_notifications”’ depending on the data input you have configured.