- 1.1 Contents
2 Setup
3 Administration
- 3.1 UC Log Collection – On Demand
  - 3.1.1 Trace Levels
- 3.2 UC Log Collection – Scheduled
- 3.3 PRT upload
  - 3.3.1 PRT Configuration
  - 3.3.2 Process to Upload and Collect PRT
- 3.4 Manual Query
  - 3.4.1 AXL SQL Query
  - 3.4.2 RIS Query
  - 3.4.3 LDAP Query
  - 3.4.4 EM Query
- 3.5 UC status
  - 3.5.1 CUCM
    - 3.5.1.1 Alerts
    - 3.5.1.2 Trunks
    - 3.5.1.3 Devices and Device Pools
    - 3.5.1.4 Database
    - 3.5.1.5 Services
    - 3.5.1.6 Certificates
  - 3.5.2 Expressway
    - 3.5.2.1 Alarms
    - 3.5.2.2 Connector Status
- 3.6 Fault Finder
  - 3.6.1 Alternate Syslog Search
  - 3.6.2 Call Logs
  - 3.6.3 Expressway Call Logs
- 3.7 CDR
- 3.8 DNA Visualizer
4 Yarndoor
- 4.1 Yarndoor Authentication and Setup
- 4.2 Yarndoor Branding
- 4.3 Admin Access Setup
- 4.4 Using Admin Access

Setup

To set up Orcamate Engineer Toolkit, Open Yarnman Administration App, then select Services

Select ‘+Add Service’, then from Drop Down, select ‘Engineer App’

Enter Service Name (or accept prepopulated), select Node/Arm and required Authentication Policy, optionally select Associated Customer, Then select ‘Submit’

Next, select Services again, then select Proxy from screen

From Proxy Configuration screen top right corner, select ‘Service Routing’

Then again from top right corner of Proxy Routing screen select ‘Add Yarnapp’ → Engineer App, followed by Submit

Orcamate Engineer App has now been added and may be selected from Yarnman Administrator Drop Down top right corner

Administration

UC Log Collection – On Demand

Supported systems

CUCM
IMP
UCXN

Select the cluster*, time period and services

*Clusters need to be configured, this is performed under Administration App -> Clusters

Trace Levels

To check Trace Levels of CUCM services, select 'Check Trace Levels' button

UC Log Collection – Scheduled

The scheduled log collection push logs to an SFTP server*

Set the start and end time
How often the schedule is run
Cluster
Interface(s)
Services
Log duration on UC app
SFTP interface
SFTP path files are stored in <customer>/<cluster>/<interface>/<time period>

*SFTP server is added as interface under Administration App -> Interfaces

PRT upload

Problem report files can be uploaded to the engineer toolkit for both phones and Jabber if the upload URL is configured on the device in CUCM
These may also be configured to be pushed to SFTP

PRT files from CUCM devices can be pushed to Yarnman and viewed in Orcamate Engineer App under PRT. PRT upload to server from end device is supported on CUCM end devices Jabber, 78XX and 88XX phones

PRT Configuration

Under Yarnman Administration -> Services

Add Service Prattler

Configure Prattler – defining Node or Arm, API Port to bind and optionally SFTP interface and storage path for PRT Files on SFTP server

There is a now a configurable max size and max space for PRT - when an upload request starts the prattler service checks how much space is being used for PRT in couch tasks if there is not 2 x max file size it will delete the 2 oldest tasks - it does not delete old files on SFTP – this must be done with logrotate

In additional customer codes can be added for customer separation

CUCM Endpoint configuration

Open CUCM Admin page - > Device -> Phone

Select phone endpoint (note above on supported endpoints)

For CSF (Jabber)

Select End Device to be configured End Device CSF… for Jabber or SEPXXX… for Phone endpoint

On CSF

Scroll Down to Desktop Client Settings – under Problem Report Server URL – define URL to Yarnman server

On 78XX or 88XX series phone device – Problem Report Server URL is defined under Product Specific Configuration Layout – ‘Customer support upload URL’

Process to Upload and Collect PRT

Phone Problem Report initiate process found here

https://www.cisco.com/c/en/us/support/docs/collaboration-endpoints/ip-phone-8800-series/200770-How-to-Collect-a-Collaboration-Endpoint.html

Jabber Problem Report initiate process found here

For Windows Client

https://help.webex.com/en-us/WBX63144/How-Do-I-Generate-a-Cisco-Jabber-for-Windows-Error-Log

Process to Collect Log File

Open Engineer App -> PRT Files

Select Problem Log to view

Manual Query

The manual query option gives access to the following

AXL SQL Query - option to run pre-canned or manual SQL query against CUCM
RIS Query - This option allows for reset of ITL/CTL certificates on registered CUCM handsets
LDAP Query - Option to run a detail search against an LDAP server
EM Query - allows to run query to display EM enabled users and devices

AXL SQL Query

Select ‘AXL SQL Query’ tab from Manual Query page, from here select a ‘Pre-Canned' option from query drop down or enter own query in SQL query box, select CUCM server to query, then select ‘Run’ button

RIS Query

Select RIS Query Tab, then select CUCM interface + Device Pool → Load

A list of phone devices is displayed

From here, ITL/CTL certificates may be deleted via JTAPI (recommended) or alternatively via Phone Browser by selecting the required device/s , then selecting relevant Delete button, which will delete certificate on the selected phone device/s

The ITL delete script may be modified if required by selecting ITL Scripts from left hand menu

Select the ‘eye’ adjacent to script to view/modify - note that to modify, you will need to select duplicate, then make changes + update

LDAP Query

From LDAP query, select LDAP interface, LDAP filter and LDAP baseDN to Run search

EM Query

Select Devices to display EM enabled phone devices or Users to display EM enabled Users, select Interface and Device Pool from Drop Downs, then Load

UC status

The UC status can be run for a specific interface or for a customer
It supports

CUCM
IMP
UCXN
EXPW

It can also check the Jabber DNS SRV records and certificates. Additional DNS servers and domains can be provided to test both public and internal records

If using customer option, from UC Status main page, select relevant customer from drop down menu, then ‘Generate Report’, all UC applications attributable to the customer will be listed and the required UC App may be selected

CUCM

To select and display CUCM status page, from UC Status main page, select CUCM Interface to report on from Drop Down, the select ‘Generate Report’ button

CUCM Status page will now be displayed - select the relevant report from top, some described below

Alerts

Trunks

Devices and Device Pools

Database

Services

Certificates

Expressway

Similarly to CUCM interface display above, specific Expressway or UCXN status page may also be displayed with Expressway sample illustrated below

Alarms

Connector Status

Fault Finder

Fault finder can be run against a customer or a CUCM cluster – if there are multiple clusters in the customer it will query each cluster
Search can be done by

Device Name
Directory Number
E164
Username

Based on the search criteria if will find devices and if provided the user

Alternate Syslog Search

These logs show device registration

Call Logs

Expressway Call Logs

CDR

Select Download CDR/CMR from left hand menu to extract CDR files from CUCM cluster

Either select and view existing report or to extract new report, Select CUCM from drop down, select time period, then ‘Request Records’

DNA Visualizer

DNA Visualizer is used to visually display routing tree of a specific dialled number by inputting following details

Select interface
Source number
Destination number
CSS

Yarndoor

Yarndoor Authentication and Setup

Create Authentication Database

Adjust roles as required restricting to only the required applications
Create Access Policy

Login via Email (UPN) – adjust regex's to restrict to specific domains and email format

Example email validation ([a-z0-9!#$%&'/=?^`{|}_{](?:\.[a-z0-9!#$%&'}_/=?_`{|}])@(?:[a-z0-9](?:[a-z0-9-][a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)
Base DN = domain in LDAP syntax
Username field = userPrincipalName

Login via username – adjust regex's to block domain\user and email address formats

Example (^[A-Za-z0-9](?:[ _-][A-Za-z0-9])*$)
Base DN = domain in LDAP syntax
Username field = userPrincipalName

Start The Engineer App and Yarndoor App and set Access Policy

You may wish to directly expose Yarndoor and not use proxy for end users to do so
Set Host to 0.0.0.0 (or IP Address of node)

Add both engineer app and Yarndoor app to proxy service

Yarndoor Branding

Note that Yarnlab support needs to be engaged to build the branding package

Select Branding in the administration app

Install Branding File

Verify that the branding is available

Navigate to the Yarndoor service that you wish to brand and apply the branding

Admin Access Setup

Navigate to the Engineer App (ensure it was added to proxy)

Add a feature

Select Administration Access Tracking

Add the required interface and set default allowed time. Note each CUCM/EXPW/UCXN will require to be added as an interface

Note that the role for admin users is defined on a per interface basis

If a CUCDM8 interface is added Yarnman can extract Customers/Hardware Groups and UC systems including IP addresses and credentials

Select User Portal

Add the required feature(s)

Using Admin Access

Select Yarndoor (admin access) or browse directly

Select the required customer and interface then press get access

One time credentials are created

Open interface opens new tab to target system
Release access removes account
1. Once account is removed audit logs are available for download

Yarnlab Docs

Orcamate Documentation

Contents