Articles in this section

See more

API Call to get Realtime feed of CUCM Logs

Avatar
DevNet Support
Updated
Follow

Hi All

 

One of my customer's is planning to deploy a centralized "Logs" repository. The idea is to keep all the critical system/platform logs archived offline for extended periods of time (currently planned for 90 days). This can be used both for later troubleshooting, forensics or other analytical purposes.

 

As such, the plan is to continuously tail log files of some critical services, say for example, CallManager service.  I know that RTMT tool has feature called as "Real-Time Trace" which essentially keeps on pushing/polling the latest log file entries to RTMT that provides a live trace view. Ref:

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/service/7_1_2/rtmt/RTMT/rttlc.html#wp1048553

 

We need to achieve this using API calls from our Logs collection tool (custom tool being developed for logs archiving). How can we do this?

I looked up the logs collection API guide but could not find a method (unless I missed something obvious):

https://developer.cisco.com/site/sxml/documents/api-reference/log-collection/

 

What is the best way to do this?

 

PS: Scheduled logs collection does not work since it causes log lines overlap between time interval edges.

 

We are using CUCM 10.5 and 11.0 releases in our environment.

 

Please suggest!

 

Regards

Deepak

 

Message was edited by: Deepak Gupta Added CUCM version 10.5 and 11.0


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AFAIK the log collection API referenced is the way to go.  There would need to be a continuous process/service that checks for new logs periodically via the API, and requests SFTP delivery for collection (i.e. analogous to having RTMT running.)  If you download logs only when they are complete (i.e. a log file with a later time stamp exists) then you can avoid the overlap situation.  If you need to fairly closely tail the logs, then I think about all you can do is keep re-downloading the active log file periodically, and handle the 'diff'ing of new log lines in your app.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks for the inputs David!

 

I have 30 active susbribers + 10 TFTP/MoH servers + 5 Publishers. Even if I am collecting logs from 5 critical services per server. I will end up with 45 servers x 5 = 225 logs that I will have to continuously poll (probably every min) and then diff them. This is kind of CPU/IO intensive so am looking for ways to avoid any overhead processing (if possible).

 

Does RTMT also use the 'diff'ing process when we use the "Real Time Logs" through the UI or does it use an internal method or unpublished API to get only the latest lines from the process log files.

 

Cheers!

DG


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Unfortunately I don't know the mechanism RTMT uses for this...


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Comments

0 comments

Please sign in to leave a comment.