Dan Cundiff and Danny Parker {team name: “Baby Cam”, spirit animal: “Cat”} tied Eric Helgeson for first place in the “Best Application” category at Splunk’s first App Builder Contest at .conf2012 by building an app that Splunks a baby cam. The idea came to Cundiff at the start of the hackathon when he pulled up the webcam on his Android phone to check out his sleeping son. It occurred to Cundiff that the webcam must have logs on it somewhere and, if he could get them, he could put those logs into Splunk to get some interesting information. The logs for his baby cam provided the following information: who logged in, what IP address did they come from, what time they logged in, whether or not motion was detected in the room and what time motion was detected.
The top chart shows motion detected over time. For example you can see larger spikes for activity in the room when Cundiff’s son takes an afternoon nap and smaller spikes for diaper changes through the day and night. These charts provide exhausted young parents important information about their child’s care and progress. To monitor access control for the baby cam app, login names, frequency, times and originating IP are all tracked.
For further access control monitoring, Cundiff and Parker integrated a map to track originating IP addresses and ensure there haven’t been any suspicious logins to the baby cam app. They also were able to integrate the live video feed into the app’s UI. Cundiff and Parker found that the camera logs contain valuable data for monitoring not only what the camera sees but who’s accessing that camera, how often and from where. This work could be extended to broader security use cases for both residential and commercial users to correlate multiple cameras, monitor camera operations and keep tight control over access.
Follow Cundiff at @pmotch and Parker at @dcparker88 on Twitter. Cundiff also published an app for getting MediaWiki data into Splunk on GitHub.