Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Audit configuration changes and send them to an ELK

Status
Not open for further replies.
xclchxclch

xclchxclch

Systems Engineer
Nov 2, 2018
3
ES
Hi,
I would like to validate a project I want to do. Currently I have the CUCM 8 software.
And I would like to audit certain events such as the configuration changes of each phone and changes in the lines configuration.
I understand that the logs belonging to the operating system itself can be sent using RSYSLOG, but those are not the events that I need.
On the other hand, I would like to send such events to a storage system
of logs such as the ELK cluster.

My doubts are:
Where can I activate this audit?
What kind of export do these logs support?
Is there any automation that these events to be exported every x time?.

Thanks!.
 
Sort by date Sort by votes
I'm not sure what you are trying to achieve by logging changes but you will need another product to monitor database changes. Either something like collaboration assurance or a third party product.
Maybe if you tell us why you need to monitor changes we can help with other suggestions
 
Upvote 0 Downvote
Hi!, first of all thank you for your response.

As I understand, make changes such as changing a line for another in an IP phone, generates a log within the CUCM. I have an ELK-based solution that generates some alerts based on the logs, so I want to have control over the configurations of the voiceip terminals. I hope you have understood me, English is not my mother tongue. Thank you!
 
Upvote 0 Downvote
Sorry I typed submit by accident.
I dont know what an ELK solution is but you can enable audit logs, collect them via RTMT and write the code in your software to sort out the audit logs.
tame a look at this link which is for 7X version but still relevant to 8X:

 
Upvote 0 Downvote
Hi,

ELK is elascticsearch, logstash and kibana. A solution used for logs centralization and views in real time.
I've seen the link, and what interests me is precisely the export of that data. I do not know if the RTMT if it can work through commands and if it allows to automate it every x time. I was also looking to copy it with sftp, but I can not automate it either ...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mikedphones
  • Locked
  • Question
MASS - Looking for a Cisco Call Manager support tech to move and reconfigure
Replies
0
Views
235
mikedphones
mikedphones
Gnjiro
  • Locked
  • Question
Cisco Ip Phone 7841, 7821 Delay when making call both inbound and outbound in sip protocol
Replies
3
Views
280
thepfy
thepfy
jarod_paris
  • Locked
  • Question
firmware for an AP2800 WiFi terminal
Replies
0
Views
128
jarod_paris
jarod_paris
Russell35674
  • Locked
  • Question
Cisco VG310/320 migrate from SCCP to MGCP
Replies
1
Views
239
whykap
whykap
jrothwell
  • Locked
  • Question
CMBE5000 / CUCM and Unity 8.6.2 licensing
Replies
0
Views
116
jrothwell
jrothwell

Part and Inventory Search

Sponsor

Back
Top