06-10-2011 02:41 AM - edited 03-19-2019 03:05 AM
Hi All,
Is it possible to enable syslog for helpdesk administrator user id in unity connection? If yes, will it capture all the activity who is doing what in unity (all activity including voicemail Pin reset with extn details).
Please help me here to close the security team concern for this.
Thanks in advance !!!!
06-10-2011 03:00 AM
Hello,
The feature your looking for is called 'Audit Logs' have a look at http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/8_5_1/admin/saaulog.html
Here is a very cut down list of logged Unity Connection events.
Command-Line Interface
All commands issued via the command-line interface are logged
Cisco Unity Connection
Cisco Unity Connection Administration logs the following events:
•User logging (user logins and user logouts).
•All configuration changes, including but not limited to users, contacts, call management objects, networking, system settings, and telephony.
•Task management (enabling or disabling a task).
•Bulk Administration Tool (bulk creates, bulk deletes).
•Custom Keypad Map (map updates)
Cisco Personal Communications Assistant (Cisco PCA)
The Cisco Personal Communications Assistant client logs the following events:
•User logging (user logins and user logouts).
•All configuration changes made via the Messaging Assistant.
The one issue is that I am not aware of being able to send these files to an external syslog sever, they are only written to the servers own log files. Maybe somebody else can add further assistance.
Hope this helps,
Craig
(PLEASE RATE HELPFUL POSTS)
06-10-2011 04:55 AM
Hi Craig,
Thanks for your information.
06-17-2011 05:34 AM
Hi Criag,
Greetings for the day !!!!
Right now I could see success and failed login but not able to get the log for configuration change i.e.,
What a service Desk did?
Please help me here to resolve this issue.
Thanks in advance !!!!!
06-17-2011 06:11 AM
Good day,
When you set up the auditing did you set the level to 'administrative tasks'?
Log onto the 'Cisco Unified Servicability' web page
Select 'Tools' > 'Audit Log configuration'
In the section called 'Database Audit Log Filter Settings' tick the box called 'Enable Audit Log' and set the level to 'Admin Tasks'. I have just tested this and I can see the creation and deletion of users in the log files.
There are also fields for Syslog configuration so it looks like you may be able to get this working as you wanted.
Hope this helps,
Craig
(PLEASE RATE HELPFUL POSTS)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: