Below, some tips to make this application work The most frequent problems are related to problems of communication between Spkunk and Avaya IP Office. In your Splunk software choose the Avaya Call application. If you want to use an Index (It’s better), you can set it in Splunk Settings / Indexes / New Index as below. It is mandatory to define source in Splunk Settings / Data inputs / TCP as below. Choose TCP port source, tcp-raw as Source Type and your Index Name. After, you can edit the sourcelog macro in Advanced search / Search macros and put your specifics inputs as below. For example : If you have a specific index, replace the quotation marks “” in the sourcelog macro with index=ipo or If you haven’t a specific index, replace the quotation marks “” in the sourcelog macro with the IP Office address host=10.1.1.1 or If you haven’t a specific index, replace the quotation marks “” in the sourcelog macro with the source="tcp:6969" etc … If you want to know if you are receiving logs from the IP Office : In Search, enter your host and your index, for example : host=10.1.1.1 index=ipo If you haven’t index, in Search, enter host only, for example : host=10.1.1.1 Click on Data Summary. You should now see the IP address of your Avaya IP Office. If you do not see the host of your IP Office, check the connection between Splunk and your IPO, check your firewalls, check that you have created the correct entry in DATA INPUT. ... View more

Check that you have created the correct entry in Splunk /DATA INPUT (Not Universal Forwarder) some tips to make this application work ... View more

Houps - my good email address : jlsabaut@gmail.com ... View more

The application AVAYA_call is not done for the AVAYA AURA system (IPOFFICE only). But i can adapt it this application graciously. Choose output formats unformatted to my splunk platform and make a few calls indoor/outdoor. For that, send me your email to exchange technical information directly. Jean-Louis / jl.sabaut@gmail.com ... View more