Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3059
Views
15
Helpful
5
Replies

CUCM application user authentication logs

Go to solution
tato386
Level 6
Level 6

‎11-22-2021 08:17 AM

What is the best way to review password changes, login attempts, lockouts etc for CUCM application users?  I tried using RTMT to download Tomcat logs but they are very hard to read.  Are there other options?

 

Thanks,

Diego

 

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Leonardo Santana
Spotlight
Spotlight
In response to tato386

‎11-22-2021 04:39 PM

Hi,

Try to use the Audit Log Viewer from RTMT i think it might helps you.

Regards
Leonardo Santana

*** Rate All Helpful Responses***

View solution in original post

5 Replies 5

Go to solution
Leonardo Santana
Spotlight
Spotlight

‎11-22-2021 08:31 AM

Hi,

I think you can look at CUCM Audit Logs to achieve this goal

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/12_5_1/admin/cucm_b_serviceability-admin-guide-1251/cucm_b_serviceability-admin-guide-1251_chapter_0111.html 

Regards
Leonardo Santana

*** Rate All Helpful Responses***

Go to solution
tato386
Level 6
Level 6
In response to Leonardo Santana

‎11-22-2021 09:18 AM

Hello Leonardo,

 

Thank you, yes I do have access to the physical files and data.  My issue is how to work with them since they are very low level.  I would think there is a better way to review this data than to search for keywords in a text file.  Maybe there is some kind of parsing tool that can analyze them?  For instance, if I want to know when was the last time a user password was changed?  Right now all I can do is search for terms like "password", "reset" or "change" in the file(s).  Maybe some way to format them so I can load in Excel, etc.

0 Helpful

Go to solution
Leonardo Santana
Spotlight
Spotlight
In response to tato386

‎11-22-2021 04:39 PM

Hi,

Try to use the Audit Log Viewer from RTMT i think it might helps you.

Regards
Leonardo Santana

*** Rate All Helpful Responses***

Go to solution
tato386
Level 6
Level 6
In response to Leonardo Santana

‎11-23-2021 02:48 PM

The audit log viewer is not ideal but I guess I'll have to work with it unless someone comes up with something better.

 

Thank you!

 

0 Helpful

Go to solution
leonardolopes
Level 5
Level 5

‎01-17-2023 05:05 AM

Hello Tato386,

 

I worked on this today and you can collect the last Application-Users login using this command:

run sql select e.name, cd.timelastaccessed from applicationuser as e, credentialdynamic as cd, credential as cr where e.pkid=cr.fkapplicationuser and cr.tkcredential=3 and cr.pkid=cd.fkcredential order by cd.timelastaccessed

hope it can help.

Leonardo DA COSTA

Customers Also Viewed These Support Documents