I originally I wanted an alarm that would send logs via IP to Splunk, so I bought a Visonic PowerMax and the PowerLink2 module(IP Interface). It wasn't quite as simple as I thought it would be, as I didn't realise that the module was really just meant to be for monitoring stations.
I decided that I would try and get it to work anyway. So while running Wireshark I could see that PowerLink was trying to talk with my laptop on dst_port 8080, and I set Splunk to receive traffic on TCP port 8080. Every two minutes the PowerLink keeps sending the below. At first I thought it was related to authentication, and then saw it mentions update.php and upgrade_status???
GET /scripts/update.php?serial=00a0a0&id=ID&account=001234&ver_sw=6.3.2&ver_hw=123&ver_var=6000&upgrade_status=0&configuration_status=0 HTTP/1.1
I have never done any scripting or coding before and come from a networking background, but a fast learner and would really appreciate your help.