List History Logs for 15 days - for S8720 1

manswar

Hi Friends,

One of my team members has logged into the PBX and changed a variable in a Coverage path, and 600 users were impacted due to this change.

A generic user ID and password was used. We tried to figure out who it was, but no one on the team is coming forward to take responsibility.

We have raised a case with Avaya to find out the IP address of the machine.

My question here is: will Avaya be able to provide that info? If yes, how many days of data will be available with Avaya?

This issue happened 1 week back.

Please reply with your valuable feedback.

Regards,
Sam
 
What version is your Communication Manager?

You can go to the Linux CLI and run "cd /var/log/ecs;ls -l commandhistory*"
It will show the files that store history and the dates the files were last modified. The CM history will only be in these files for cm4 or higher. The amount of data in the files is controlled by logging-levels.

Code:
change logging-levels                                           Page   1 of   2

                                 LOGGING LEVELS

 Enable Command Logging? y
        Log Data Values: both / new / none


 When enabled, log commands associated with the following actions:

             add? y            export? y                  refresh? y
         busyout? y               get? n                  release? y
  campon-busyout? y                go? y                   remove? y
          cancel? n            import? y                    reset? y
          change? y              list? n                     save? y
           clear? y              mark? n                      set? y
         disable? y           monitor? y                   status? n
         display? n           netstat? n                     test? y
       duplicate? y            notify? n               traceroute? n
          enable? y              ping? n                   upload? n
           erase? y           recycle? y

change logging-levels                                           Page   2 of   2

                                 LOGGING LEVELS

      Log All Submission Failures: y
          Log PMS/AD Transactions: y
  Log IP Registrations and events: n
     Log CTA/PSA/TTI Transactions: y

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

39 years Bell, AT&T, Lucent, Avaya
Tier 3 for 29 years and counting
http://bshtele.com
 
From the Linux CLI, the "last" command returns logins to the server and the IP address connected from. You could associate the times in the CM history log with the times of logins. This data may go away and start over on August 1.

bsh
http://bshtele.com
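
Added example, not part of the original posts: one way to do the correlation bsh describes, listing the sessions in `last` output that were open at the minute a change appears in the CM history. The `last` lines are constructed, the login name `pbxadm` and the addresses are placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. The `last` lines below are constructed; the login name
# and addresses are placeholders, not values from the thread.
sample_last() {
cat <<'EOF'
pbxadm   pts/1        192.0.2.41       Mon Jul 19 09:58 - 10:31  (00:33)
pbxadm   pts/2        192.0.2.77       Mon Jul 19 10:05 - 10:09  (00:04)
pbxadm   pts/3        198.51.100.12    Sun Jul 18 23:50 - 00:20  (00:30)
pbxadm   pts/0        192.0.2.90       Tue Jul 20 08:15   still logged in
reboot   system boot  2.6.18           Sat Jul 17 03:00          (3+05:15)

wtmp begins Thu Jul  1 00:00:12 2010
EOF
}

# sessions_at MON DAY HH:MM  -- reads `last` output on stdin and prints
# "login host start" for every remote session open at that minute.
# Only sessions that started in the given month are considered, which
# matches a wtmp file that starts over each month.
sessions_at() {
    awk -v mon="$1" -v day="$2" -v hm="$3" '
    # minutes since the start of the month for day d, time t ("HH:MM")
    function mins(d, t,   p) { split(t, p, ":"); return d*1440 + p[1]*60 + p[2] }
    # skip reboot records, the wtmp trailer and logins without a remote host
    $1 != "reboot" && $5 == mon && $7 ~ /^[0-9][0-9]:[0-9][0-9]$/ {
        start  = mins($6, $7)
        target = mins(day, hm)
        if ($8 != "-") {
            end = target                  # "still logged in": no logout yet
        } else {
            # use the duration, not the end time, so sessions that cross
            # midnight are handled: "(00:33)" or "(1+02:10)" for days
            dur = $10; gsub(/[()]/, "", dur); days = 0
            if (index(dur, "+")) { split(dur, dd, "+"); days = dd[1]; dur = dd[2] }
            end = start + mins(days, dur)
        }
        if (start <= target && target <= end) print $1, $3, $7
    }'
}

# Change seen in the history log at Jul 19 10:07 (constructed time)
sample_last | sessions_at Jul 19 10:07
```

With a shared login, two overlapping sessions leave two candidate addresses, so the time match narrows the field rather than naming one person.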
 
Thank you very much, friends.

We have logged a case with Avaya. If Avaya does not pull the data by midnight 07/31, we will not even be able to see who did this.

S8720 login details with IP will be stored for 30 days with Avaya and will be erased by the system at the start of every month.

Is that the standard way the S8720 works?

Regards,
Sam
 

You can also access logs by logging into the web interface for the PBX and selecting the Server Maintenance option.

Login/Logout with login and IP Address:

Under Diagnostics in the menu on the left side of the screen select System Logs.

Check off the box for Linux login/logout/reboot logs, change your date range at the bottom of the screen under Select Event Range and click View Log.

Executed Command History with login and IP address:

Under Diagnostics in the menu on the left side of the screen select System Logs.

Check off the box for Linux syslog, change your date range at the bottom of the screen under Select Event Range and click View Log.





- Stinney

Quoting only proves you know how to cut and paste.
 

Sorry, made a mistake, that'll teach me to post before I have my morning coffee.


Executed Command History with login and IP address:

Under Diagnostics in the menu on the left side of the screen select System Logs.

Check off the box for Platform command history log, change your date range at the bottom of the screen under Select Event Range and click View Log.


**You can also add a text filter in the Match Pattern box to find the specific change entry**

- Stinney
 
Hi Stinney,

Thank you very much for your help.

I still have one question in my head.

How many days will this history stay in the system?

Will data be automatically erased every 30 days?

Or will Avaya have it for 6 months and then take it out?

Regards,
Sam
 

I'm not sure what the default is. I also think the logs are based on size, not date, so if you have a lot of changes going on daily they could get overwritten fairly quickly.

My change log goes back 2 months at the moment.



- Stinney
 
Information about commands and history of transactions in CM and Linux commands.
Logs can be accessed by logins with permissions to read files in Linux.
Using the Web Browser, you may be able to look at logs that your login will not
allow you to look at in Linux (such as read only by sroot).

"all commands entered at the console or Definity terminal emulator"

This is not possible because the software only logs commands for add, change,
remove, and some maintenance commands like test, busy, release, reset to name a
few. Display, list, status commands and many others do not get logged and you
would never know that anyone is doing them unless you do status logins while
these types of commands are active.

You can monitor users' changes with Command: notify history (in realtime)

Command: list history (1800 line circular buffer of commands)

How fast this buffer fills is determined by the number of changes and what data you
are sending to the history log. (This can be controlled in cm4 and higher)

Items like tti / psa / cms agent changes in loads before cm4 can also be
controlled.
----------------------
cm4 and higher:

"Log Data Values: both" can log before and after changes to the log files for
some SAT command changes.
Code:
Command: change logging-levels

Enable Command Logging? y
       Log Data Values: both

 When enabled, log commands associated with the following actions:

             add? y            export? y                  refresh? y
         busyout? y               get? n                  release? y
  campon-busyout? y                go? y                   remove? y
          cancel? n            import? y                    reset? y
          change? y              list? n                     save? y
           clear? y              mark? n                      set? y
         disable? y           monitor? y                   status? n
         display? n           netstat? n                     test? y
       duplicate? y            notify? n               traceroute? n
          enable? y              ping? n                   upload? n
           erase? y           recycle? y

                                 LOGGING LEVELS

      Log All Submission Failures: y
          Log PMS/AD Transactions: y
  Log IP Registrations and events: y
     Log CTA/PSA/TTI Transactions: y

prior to cm4:

system-parameters features

Record CTA/PSA/TTI Transactions in History Log? y
Record All Submission Failures in History Log? y
Record PMS/AD Transactions in History Log? y
Record IP Registrations in History Log? y
------------------
Different versions of CM store commands (CM and Linux) in different files.
The data that is stored in the files changed from version to version.
Basically all of this is in the file system and you will have to look at the
files and timestamps on the files to see what your system normally stores before
the data is overwritten. These files will store more than the 1800 lines that
you can access from CM Command: list history
Also be aware that on duplicated servers, the offline (standby) server logfiles
will not have current CM commands stored. The command logfiles will have data
from the last time the server was active. Knowing this about your system and
doing interchanges based on times just before files are to be overwritten will
double the amount of stored data in the combined servers' files.

/var/log/messages
/var/log/messages.1
/var/log/messages.2
/var/log/messages.3
/var/log/messages.4
/var/log/commandhistory
/var/log/commandhistory.1
/var/log/commandhistory.2
/var/log/commandhistory.3
/var/log/commandhistory.4
----------------------------------
You could write a script to copy, or tar and zip and copy, to another server
on an as-needed basis.

The script could be as simple as the following, which will create a tar.gz file with the
server_name and date in the file name. Then use scp or ftp to copy the archive
file off of the server to another server.

# create the archive from the syslog files
tar cvf /var/home/ftp/pub/`uname -n`_`date +%m%d%y`_hist_logs.tar /var/log/mess*
# append the CM command history files
tar rvf /var/home/ftp/pub/`uname -n`_`date +%m%d%y`_hist_logs.tar /var/log/ecs/commandhist*
# compress the archive to .tar.gz
gzip /var/home/ftp/pub/`uname -n`_`date +%m%d%y`_hist_logs.tar
--------------------------------------------------------------------------------
The Linux CLI "last" command will show Linux login access with logins and IP access
information for the current month. This goes away and is overwritten each month.


bsh
http://bshtele.com
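
Added example, not part of the original posts: a variant of the archive script in the post above that takes one compressed snapshot of the same log files, refuses to overwrite an earlier snapshot, and records a SHA-256 hash so a copy handed to investigators can be checked later. The function names, the destination directory argument and the use of GNU `sha256sum` are assumptions.

```shell
#!/bin/sh
# Added example; function names and the destination argument are
# hypothetical. Assumes tar with gzip support and GNU sha256sum.

# preserve_logs DEST FILE...  -- archive FILEs into DEST and print the
# archive path. Exit codes: 2 bad arguments, 3 archive exists, 4 tar
# failed (for example a glob that matched nothing), 5 hashing failed.
preserve_logs() {
    dest=$1; shift
    [ -d "$dest" ] || { echo "no such directory: $dest" >&2; return 2; }
    [ "$#" -gt 0 ] || { echo "no log files given" >&2; return 2; }

    # Server name and date as in the thread, plus the time of day so a
    # second run on the same date gets its own file.
    name="$(uname -n)_$(date +%m%d%y_%H%M%S)_hist_logs.tar.gz"
    if [ -e "$dest/$name" ]; then
        echo "refusing to overwrite $dest/$name" >&2; return 3
    fi

    # One pass instead of create + append + gzip; tar stores each
    # file's modification time, which the investigation relies on.
    tar czf "$dest/$name" "$@" || { rm -f "$dest/$name"; return 4; }

    # Hash next to the archive, using a relative name so the .sha256
    # file still verifies after both files are copied elsewhere.
    ( cd "$dest" && sha256sum "$name" > "$name.sha256" ) || return 5
    # The logs hold logins and addresses: keep the snapshot private.
    chmod 600 "$dest/$name" "$dest/$name.sha256"
    printf '%s\n' "$dest/$name"
}

# verify_archive PATH  -- succeeds only if PATH still matches its hash
verify_archive() {
    ( cd "$(dirname "$1")" && sha256sum -c "$(basename "$1").sha256" >/dev/null 2>&1 )
}

# Typical call on the server (paths from the thread, destination assumed):
#   preserve_logs /var/home/ftp/pub /var/log/mess* /var/log/ecs/commandhist*
```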
 
Thank you very much, Bsh.

That was really good information to have.

I will ask my Avaya to speed up and pull the data ASAP.

Once again, thanks all for your valuable suggestions and feedback.

Regards,
Sam
 