Page Comparison

...

An Audit policy is used with the Node Cache and System Audit Check report. Yarngate will collect via AXL/Soap/REST the audit configuration settings and check these against the policy to validate

CUCM

• audit enabled

• detailed audit enabled

• correct audit level at least (6, informational)

• being sent to one of the Syslog servers defined (the cucm audit config can only send to 1 syslog server)

Expressway

At least 1 of the 4 Syslog destination matches the following

• audit level at least (informational)

• being sent to one of the Syslog servers defined

• Format set to IETF

• port Number 601

• Filter set

Unity

Not Supported at this time due to CSCwi88877, only syslog activity can be used

An Audit policy can be added by Navigating to Administration > Caching > Policies > Create Policy.

...

Image Added

Configure Caches

...

A Schedule is recommended to keep the cache up-to-date and run just before a maintenance window ends to allow the capture of any new nodes or removal.

Include syslog activity is optional, which will display a tally of the number of syslogs in the last 3 days from elastic search

Navigate to Administration > Caching > Caches > Create Cache

Apply the Node, Audit Policy and Entitlement group(s) and press save

...

...

Schedule

Once saved, navigate back to the new cache, and the Add a Schedule button will be visible.

...

Robot accounts are manually entered and assigned to a Subnet List. These will feed into the Robot report.

...

...

Report templates are assigned to a Schedule to be run at regular intervals

• Hourly

• Daily

• Weekly

• Monthly

PRTG Sensor Push

Reports are created based on a Schedule with the option to send Element counters details to winprtg via an HTTP (s) Push.

Sensor Prefix specifies a name for each winprtg sensor, depending on the options of the 2 toggles.

Detailed Node Message text will include the Hostname of the Node with the issue in the alert text

Per Customer Sensor PRTG will suffix each customername as a sensor in to be sent to winprtg. If Detailed Node message text is selected each Customer sensor will list the nodes for that customer only.

See details in the Report for the toggle outputs

...

Currently, the Metrics pushed to winprtg include

Robot Accounts

This report allows us to cross-check Robot accounts logging in from unknown IP addresses based on matching Defined subnets.

...

...

This report uses the Node Cache to validate settings via AXL/Soap to confirm the Audit Policy complies with the expected values.

This is done on a NodeCache level

This will check the policy for

• audit enabled

• detailed audit enabled

• correct audit level (6, informational)

• being sent to one of the Syslog servers defined (the cucm audit config can only send to 1 syslog server)

the xlsx export contains all the configured details and the policy being tested against.data

the xlsx export contains all the configured details and the policy being tested against for CUCM, Expressway and Unity* and syslog tally if enabled.

Note: Unity only supports syslog tally at this time.

Image AddedImage Added

Sample PRTG Rest Push

System Audit Check

Prefix is set to each sensor push. prefix-status is always sent for each type.

Yarngate will record the response from PRTG, which only gives back an error if the sensor doesn't match (eg not configured) This is recorded as Sucesss True/False

Setting Detailed Node Message Text to Off, Per Customer Sensor PRTG to Off

sensor prefix is sac00, only a single Push, with numeric data only .

{"success":true,"data":{"sensorId":"sac00-status","inputs":{"Prtg":{"Text":"ScheduleName xyz00 Ran Ok <report>902aa63985d91e9a275c4965a7d73b36</report>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":8},{"Channel":"ErrorElements","Value":6},{"Channel":"WarningElements","Value":1},{"Channel":"SkippedElements","Value":4},{"Channel":"TotalElements","Value":19},{"Channel":"PassedElementsPct","Value":43,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":32,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":6,"Unit":"Percent"}]}}}}

Setting Detailed Node Message Text to On, Per Customer Sensor PRTG to Off

sensor prefix is sac01, only a single Push, with numeric data and all nodenames in text

{"success":true,"data":{"sensorId":"sac10-status","inputs":{"Prtg":{"Text":"ScheduleName xyz10 Ran Ok <report>2b30510b4640128bec616f2cbcbc41fb</report><error>ucmc7-cuc ucmc7 ucmc6 ucmc5 labimp115-pub labcucm115-sub</error><warn>tm999cms01</warn>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":8},{"Channel":"ErrorElements","Value":6},{"Channel":"WarningElements","Value":1},{"Channel":"SkippedElements","Value":4},{"Channel":"TotalElements","Value":19},{"Channel":"PassedElementsPct","Value":43,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":32,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":6,"Unit":"Percent"}]}}}}

Setting Detailed Node Message Text to Off, Per Customer Sensor PRTG to On

sac-01 as the prefix, for each customer a seperate sensor push with numeric counters, followed by -status as the last

{"success":true,"data":{"sensorId":"sac01-status","inputs":{"Prtg":{"Text":"ScheduleName xyz01 Ran Ok <report>902aa63985d91e9a275c4965a7d69290</report>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":8},{"Channel":"ErrorElements","Value":6},{"Channel":"WarningElements","Value":1},{"Channel":"SkippedElements","Value":4},{"Channel":"TotalElements","Value":19},{"Channel":"PassedElementsPct","Value":43,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":32,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":6,"Unit":"Percent"}]}}}}

Note success false for the 2nd element, indicating its not configured in PRTG

{"success":false,"data":{"sensorId":"sac01-UCMC7-XLS-Master","inputs":{"Prtg":{"Text":"ScheduleName xyz01 Ran Ok <report>902aa63985d91e9a275c4965a7d69290</report>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":0},{"Channel":"ErrorElements","Value":2},{"Channel":"WarningElements","Value":0},{"Channel":"SkippedElements","Value":0},{"Channel":"TotalElements","Value":2},{"Channel":"PassedElementsPct","Value":0,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":100,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":0,"Unit":"Percent"}]}}}}

Setting Detailed Node Message Text to On, Per Customer Sensor PRTG to On

sac-11 as the prefix, for each customer a seperate sensor push with numeric and nodenames in text, followed by -status as the last

{"success":true,"data":{"sensorId":"sac11-status","inputs":{"Prtg":{"Text":"ScheduleName xyz11 Ran Ok <report>UUID</report><error>ucmc7-cuc ucmc7 ucmc6 ucmc5 labimp115-pub labcucm115-sub</error><warn>tm999cms01</warn>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":8},{"Channel":"ErrorElements","Value":6},{"Channel":"WarningElements","Value":1},{"Channel":"SkippedElements","Value":4},{"Channel":"TotalElements","Value":19},{"Channel":"PassedElementsPct","Value":43,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":32,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":6,"Unit":"Percent"}]}}}}

suffix-customer , only the nodes that belong to the customer tm999-cust are populated to the text

{"success":true,"data":{"sensorId":"sac11-tm999-cust","inputs":{"Prtg":{"Text":"ScheduleName xyz11 Ran Ok <report>UUID</report><error>labimp115-pub labcucm115-sub</error><warn>tm999cms01</warn>","Result":[{"Channel":"ReportStatus","Warning":0,"Value":0},{"Channel":"PassedElements","Value":5},{"Channel":"ErrorElements","Value":2},{"Channel":"WarningElements","Value":1},{"Channel":"SkippedElements","Value":1},{"Channel":"TotalElements","Value":9},{"Channel":"PassedElementsPct","Value":56,"Unit":"Percent"},{"Channel":"ErrorElementsPct","Value":23,"Unit":"Percent"},{"Channel":"WarningElementsPct","Value":12,"Unit":"Percent"}]}}}}