All Apps and Add-ons

How to integrate AVAYA device logs to splunk.

karmasplunk
New Member

Hello,

We have Avaya devices in our environment and we want to integrate into splunk to monitor logs. I have no idea how to configure this to see logs in splunk. . I do know that there would be ways for forwarding logs from network devices to push logs to splunk, can someone please suggest me a way to integrate Avaya device to send logs into splunk.

Thanks in advance.

0 Karma

dcascione
Explorer

Avaya devices support syslog . I was able to forward logs from Avaya to Splunk using Avaya's default UDP port of 514. In the Avaya configuration, enter the IP address of the Splunk Syslog server with no port info and Avaya will send the data via UDP 514 by default. Hope this helps!

0 Karma

meinfan
New Member

@dcascione, when you say 'In the Avaya configuration, enter the IP address...', where are you referencing? Also, which Avaya piece are you referencing? We have our Avaya devices reporting to Syslog and then forwarding these Syslog events to Splunk, but we would like to remove the middle man here if that was possible. Also, there are very useful logs on the Avaya devices but we aren't getting insight into them at this time and i believe Splunk could do that for us.

The challenge we have is if we install the Forwarder client on our Avaya devices, we void our maintenance.

0 Karma

meinfan
New Member

Nevermind, i was able to figure this out.

0 Karma

genesiusj
Builder

What was it you did? How did you figure it out?
Thanks and God bless,
Genesius

0 Karma

meinfan
New Member

We needed to configure the SNMP alerting on our Avaya devices. The specific devices we were looking to capture the snmp alerts was the Avaya Application Enablement Servers as we had no insight into these. Once we configured this setting in the AES, we were able to get our snmp alerst to our snmp server and then consume the log file that was being built by the alerts. To enable this feature in the AES, go to: Utilities --> SNMP --> SNMP Trap Receivers then add your syslog information here.

0 Karma

genesiusj
Builder

Thank you meinfan for the quick response.
Earlier today I met with an internal client who wants to use our upcoming Splunk implementation for their Avaya syslogs and CDR logs. When I read your post I figured I would ask. I know very little about voip, but I am sure the information you provided will be of great help to them.
Thanks and God bless,
Genesius

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...