Cisco Unity Connection

Slides:



Advertisements
Similar presentations
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
Advertisements

Dexter Team IPv6 in Connection 8.5.
Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 1 Unity Connection Qualification for Prime Collaboration Development Release.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2012 Cisco and/or its affiliates. All rights reserved. 1 SRSV MWI Functionality.
1 © 2001, Cisco Systems, Inc. All rights reserved. Voice Connector Features Voic Interoperability – 4.0(5) Voice Connector features Rahul Singh.
April WebEx Intel ® Active Management Technology (AMT) LANDesk Provisioning LANDesk Server Manager.
© 2006 Cisco Systems, Inc. All rights reserved.1 Unity Connection 7.0 Calendaring TOI Andrew Biggs
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Unity Connection 2.0 Architecture TOI Part I – System Level Overview.
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 SAN Certificate in Unity Connection Presenter Name: Bhawna Goel.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2012 Cisco and/or its affiliates. All rights reserved. 1 Cisco Unity Connection.
© 2012 Cisco and/or its affiliates. All rights reserved. BRKUCC Cisco Public (SAML) Single Sign-On (SSO) for Cisco Unified Communications 10.x By.
Missed Call Notification Unity Connection 11.0
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Otomo End User SSO - TOI March 2014 Otomo 10.5 – End User SSO Support.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2012 Cisco and/or its affiliates. All rights reserved. 1 Voice Mailbox.
© 2013 Cisco System Inc. All rights reserved Cisco Confidential 1 © 2013 Cisco System Inc. All rights reserved. 1 System Backup And Restore Utility.
Presentation_ID © 2012, Cisco Systems, Inc. All rights reserved. Cisco Confidential.
1 © 2003, Cisco Systems, Inc. All rights reserved. Proprietary and Confidential Unity Connection 2.0(1) Miu Architectural Overview TOI June 10, 2007 Mike.
© 2006 Cisco Systems, Inc. All rights reserved.1 Connection 7.0 Serviceability Reports Todd Blaisdell.
© 2013 Cisco System Inc. All rights reserved Cisco Confidential 1 © 2013 Cisco System Inc. All rights reserved. 1 February 14, 2014 Unity Connection Legal.
Configuring AAA requires four basic steps: 1.Enable AAA (new-model). 2.Configure security server network parameters. 3.Define one or more method lists.
Cisco IOS Command Line Interface Honolulu Community College Cisco Academy Training Center Semester 2 Version 2.1.
© 2015 Cisco System Inc. All rights reserved Cisco Confidential 1 © 2015 Cisco System Inc. All rights reserved. 1 Subject Line Customization for Notifications.
For Oracle employees and authorized partners only. Do not distribute to third parties. © 2008 Oracle Corporation – Proprietary and Confidential.
© 2006 Cisco Systems, Inc. All rights reserved.1 Cisco Unity Connection – External Service Diagnostic Tool Unity Connection ESDT TOI Overview Yolanda Liu,
Narasimha Reddy Gopu Jisha J. Agenda Introduction to AlwaysOn * AlwaysOn Availability Groups (AG) & Listener * AlwaysOn Failover * AlwaysOn Active Secondaries.
Cisco Study Guide
Arizona SharePoint Professionals Group.
1 Internal Use Only OmniVista 3600 Air Manager demonstration guide eDemo August 2016.
Session disclaimer This is a point of time view
REST API Support for Squared UC in Unity Connection 11.5
Centralized Management for Barracuda Networks products
Troubleshooting Tools
Cisco Unified Operations Manager Proactive Voice Troubleshooting
Nicholas Hsiao Critical Log Review Checklist for Security Incidents – By ArcSight Logger For template guidelines or applying this.
Configuring Attendant Console
CCNA Routing and Switching Routing and Switching Essentials v6.0
Module Overview Installing and Configuring a Network Policy Server
Information Security Professionals
Cisco Unity Connection
Unity Connection Smart Licensing TOI
Troubleshooting Network Communications
Cisco Unity Connection
Cisco Unity Connection
DriveScale Proprietary Information © 2016
Embedded IPMI.
CONNECTION ADVANCE REPLICATION ESTABLISHMENT
Chapter 10: Device Discovery, Management, and Maintenance
CCNA Routing and Switching Routing and Switching Essentials v6.0
Cisco Unity Connection
NAT , Device Discovery Chapter 9 , chapter 10.
1Y0-253 Exam Implementing Citrix NetScaler 10.5 for App and Desktop Solutions
Cisco Real Exam Dumps IT-Dumps
Cisco Unity Connection Logon Session Limit – TUI/VUI
Voice User Interface Voice Directory Cisco Unity Connection 1.2
Cisco Unity Connection Disable Inactive Users Accounts
Cisco Unity Connection Read-only CLI
Voice User Interface Distribution List Addressing Cisco Unity Connection 1.2 Mike Maas Unified Communications Business Unit (UCBU)
Chapter 10: Device Discovery, Management, and Maintenance
Cisco Unity Connection Customized Log-on Message
Voice User Interface Installation and Configuration Cisco Unity Connection 1.1 Mike Maas Unified Communications Business Unit (UCBU)
Chapter 8: Monitoring the Network
Cisco Unity Connection Minimum TLS Version Support
Voice User Interface Improved Greetings Cisco Unity Connection 1.2
Cisco Unity Connection Common PIN
Unity Connection 7.0 Service Management TOI
Cisco Unity Connection
Training Module Introduction to the TB9100/P25 CG/P25 TAG Customer Service Software (CSS) Describes Release 3.95 for Trunked TB9100 and P25 TAG Release.
Cisco Unity Connection -
Cisco Unity Connection Auto Advance to Next Message After Forward
Presentation transcript:

Cisco Unity Connection Audit Logging EDCS - 1572374 May 23 2016

Notice The information in this presentation is provided under Non-Disclosure agreement and should be treated as Cisco Confidential. Under no circumstances is this information to be shared further without the express consent of Cisco. Any roadmap item is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.

Agenda Introduction What's new Use cases References

Introduction

Introduction At Cisco Unity Connection, with audit logging we monitor and log any configuration change to the system by a user or as a result of the user action. Supported audit events :– Application audit log DB audit log VOS audit log System Administrator or Audit Administrator can configure above logs. Audit events can be redirected to an RTMT or a Remote Syslog server.

What's New

What's NEW Enhancements made in Unity Connection Release 11.5 and onwards: Audit logging of a Remote Account Admin user Audit logs transmission to remote syslog server over TCP Audit alerts triggered on failure of audit log transfer through TCP mode Audit Logging for Remote Admin account can be logged over Log Stash Server

CLIs for Audit Logs To check transmission mode of audit logs to remote server: utils remotesyslog show protocol To change the transmission mode of audit logs to UDP protocol: utils remotesyslog set protocol udp To change the transmission mode of audit logs to TCP protocol: utils remotesyslog set protocol tcp Note: Default mode of communication is UDP. In EnhancedSecurity Mode, it changes to TCP

Use Cases

Use Case 1 – Application Auditing System Admin / Audit Admin can configure audit logs from Cisco Unified Serviceability webpage.

Use Case 1 – Contd. Application Audit logs transmission to a remote syslog server can be configured from the Cisco Unified Serviceability webpage A scenario of Failed/Successful login to a CUC web application Login Failure Audit Log: 03:08:00.296 |LogMessage UserID : admin ClientAddress : 10.77.250.47 Severity : 4 EventType : UserLogging ResourceAccessed: Cisco Unity Connection Serviceability EventStatus : Failure CompulsoryEvent : No AuditCategory : AdministrativeEvent ComponentID : Cisco Unity Connection CorrelationID : AuditDetails : Failed to login to Cisco Unity Connection Serviceability App ID: Cisco Tomcat Cluster ID: Node ID: ucbu-aricent-vm175

Use Case 2 – Remote Account Activity Auditing Audit logs of operations done by a Remote Account Admin can be seen at the Log Stash Server.

Use Case 2 – Contd. CLI commands to configure a Remote LogStash Server: To configure the LogStash Server details utils filebeat config To enable the remote account auditing utils filebeat enable To disable the remote account auditing utils filebeat disable To check the status of remote account auditing utils filebeat status  Note: The operations done by TAC on system using remote_account are now recorded and can be viewed only over LOG Stash Server.

Use Case 3 – When a Critical Service Goes Down Transmission of Cisco Syslogs to a remote syslog server can be configured from Cisco Unity Connection Administration webpage. Shutdown of a critical service say ‘Connection Mixer’, alarms are generated and transferred to the Syslog Remote server.

Use Case 3 – Contd. Audit alarm and alert generated when a critical service stops. Critical Service down Audit Log: May 19 14:02:13 ucbu-aricent-vm88 local7 3 : 1: ucbu-aricent-vm88.cisco.com: May 19 2016 08:32:13 AM.535 UTC : %UC_UCSRM-3-CriticalServiceDown: %[AppID=CuSrm][ClusterID=][NodeID=ucbu-aricent-vm88]: Critical Service Connection Mixer is down.

Use Case 4 – RTMT Alarm When Audit Logs Transmission Fails Audit alarms generate if audit logs fail to transmit on TCP to the remote server configured. RTMT Alert Audit Log: May 23 09:49:21 ucbu-aricent-vm88 local7 2 : 110: ucbu-aricent-vm88.cisco.com: May 23 2016 04:19:21 AM.698 UTC : %UC_RTMT-2-RTMT_ALERT: %[AlertName=TCPRemoteSyslogDeliveryFailed][AlertDetail= At Mon May 23 09:49:21 IST 2016 on node ucbu-aricent-vm88, the following TCPRemoteSyslogDeliveryFailed events generated: #012RemoteSyslogServerIP : 10.76.215.161#012RecommendedTCPPort : 601#012Source : 1#012AppID : Cisco Syslog Agent#012ClusterID : #012NodeID : ucbu-aricent-vm88#012 TimeStamp : Mon May 23 09:49:13 IST 2016][AppID=Cisco AMC Service][ClusterID=][NodeID=ucbu-aricent-vm88]: RTMT Alert

References

References Annotated logs wiki: Troubleshooting Guide for Cisco Unity Connection: https://wiki.cisco.com/display/12341/CUC+Audit+logs http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/troubleshooting/guide/10xcuctsgx.pdf

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.