×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Audit configuration changes and send them to an ELK

Audit configuration changes and send them to an ELK

Audit configuration changes and send them to an ELK

(OP)
Hi,
I would like to validate a project I want to do. Currently I have the CUCM 8 software.
And I would like to audit certain events such as the configuration changes of each phone and changes in the lines configuration.
I understand that the logs belonging to the operating system itself can be sent using RSYSLOG, but those are not the events that I need.
On the other hand, I would like to send such events to a storage system
of logs such as the ELK cluster.

My doubts are:
Where can I activate this audit?
What kind of export do these logs support?
Is there any automation that these events to be exported every x time?.

Thanks!.

RE: Audit configuration changes and send them to an ELK

I'm not sure what you are trying to achieve by logging changes but you will need another product to monitor database changes. Either something like collaboration assurance or a third party product.
Maybe if you tell us why you need to monitor changes we can help with other suggestions

RE: Audit configuration changes and send them to an ELK

(OP)
Hi!, first of all thank you for your response.

As I understand, make changes such as changing a line for another in an IP phone, generates a log within the CUCM. I have an ELK-based solution that generates some alerts based on the logs, so I want to have control over the configurations of the voiceip terminals. I hope you have understood me, English is not my mother tongue. Thank you!

RE: Audit configuration changes and send them to an ELK

I dont know what an ELK

RE: Audit configuration changes and send them to an ELK

Sorry I typed submit by accident.
I dont know what an ELK solution is but you can enable audit logs, collect them via RTMT and write the code in your software to sort out the audit logs.
tame a look at this link which is for 7X version but still relevant to 8X:

https://www.netcraftsmen.com/audit-logs-on-cisco-u...




RE: Audit configuration changes and send them to an ELK

(OP)
Hi,

ELK is elascticsearch, logstash and kibana. A solution used for logs centralization and views in real time.
I've seen the link, and what interests me is precisely the export of that data. I do not know if the RTMT if it can work through commands and if it allows to automate it every x time. I was also looking to copy it with sftp, but I can not automate it either ...

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login


Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close