Avaya Support Forums  

Go Back   Avaya Support Forums > Enterprise PBX Communications Systems

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 04-02-2015, 07:00 AM
aschuy aschuy is offline
Aspiring Member
 
Join Date: Apr 2015
Posts: 1
aschuy has 10 reputation points
Default CDR to splunk

Does anyone have any experience setting up the Avaya CM to send Call Detail Recording information into Splunk? I'm interested in utilitzing Splunk for CDR, but can't find much information on it. Avaya dev connect is telling me that Avaya doesn't have any formal configuration for Splunk, but it appears that it should be a viable solution.
Reply With Quote
  #2  
Old 04-22-2015, 09:28 PM
wuu wuu is offline
Member
 
Join Date: Aug 2014
Posts: 3
wuu has 10 reputation points
Default

This tool can help

https://uwengkai.wordpress.com/2012/...apturing-tool/

Last edited by wuu; 04-22-2015 at 09:36 PM.
Reply With Quote
  #3  
Old 06-09-2015, 06:58 AM
lynnt lynnt is offline
Member
 
Join Date: May 2015
Posts: 8
lynnt has 10 reputation points
Default

I'm doing this today. We first send the records to a linux server which is running syslog-ng. We do this because the team that manages Splunk has a rather short retention time built into their service level agreements. We can keep them in Splunk up to 180 days max. We leave them on the Syslog server for up to 7 years. Syslog-ng distributes records into sub-directories based on the host from which the data is received. Syslog-ng is configured to listen on a non-standard TCP port above 5000 (Avaya CM requirement)

On the CM side, we simply set up a node name that points to the linux server using the same port, administer CDR1 on the ip-service screen and then use CDR1 in the system CDR screen.

Splunk has a component called a forwarder that is installed on the linux server. Its job is to monitor the directory tree under which your CDR files reside. It forwards any new records to Splunk. Your Splunk guy (maybe you?) will need to create a regular expression that extracts the fields. Once in Splunk, there are so many ways to manipulate the data. You should especially look into using labels, which will allow you to aggregate records from multiple hosts. This can be very useful if you have an ESS event, because for the duration of the event, your CDR is coming from a different IP/DNS name. Labels will allow you to present them as one seamless system.

Have fun - Tom

Last edited by lynnt; 06-09-2015 at 07:02 AM.
Reply With Quote
Reply

Tags
call detail recording, cdr, splunk

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -7. The time now is 08:22 PM.

This Forum is provided solely for the use and convenience of Avaya customers and partners. Use of the Forum is subject to the Terms and Use and Privacy Statement found at www.avaya.com. No other use is permitted. The Forum including all content posted is “AS IS” and Avaya expressly disclaims all warranties and/or guarantees as to its accuracy, reliability, usefulness, quality or non-infringement of intellectual property. Avaya reserves the right to remove any content posted on the Forum at any time and for whatever reason.

Avaya will not be liable for any content posted on this Forum, including, without limitation, any errors or omissions or for any losses or damages of any kind incurred as a result of use or reliance on any content, regardless of its origin.

You expressly understand and agree that you assume all risks associated with use or reliance on this content.