Cisco Systems D14659.03 Working with the audit logs

Working with the audit logs

Cisco TelePresence ISDN Gateway 2.1 Online help (Printable format) 101 of 135

Working with the audit logs

The audit log records any user action on the Cisco Tel ePresence ISDN Gateway which might

compromise the sec urity of the unit, of its functions, or of the network.

By enabling auditing, all network settings, security setti ngs, creation/deletion of dial plans and any

changes to the audit log itself are logged on the ISDN Gate way.

All relevant actions on the ISDN Gateway are logged, i ncluding those made through the serial

console, a supervisor blade (for MSE blades), the API, F TP, and the web interface. The module that

has caused a log is listed within the details of that log a nd will be one of:

 Web: For configuration changes made through the web interf ace.

 Serial: For configuration changes made through the serial interface.

 API: For configuration changes made through the API.

 Supervisor: For configuration changes made through the Supervisor Blade (on ly applies to

MSE blades).

 System: For audit messages from the ISDN Gateway.

 FTP: For audit messages recording requests made to the ISDN Gate way over FTP.

Each log also has a severity associated with it (Error, Se vere Warning, Warning, Info, or Status

Warning).

You must enable the audit log for it to record these acti ons.

To enable and view the audit log, go to Logs and select the Audit log tab.

Audit log

The last 2000 audit messages generated by the ISDN Gatewa y are displayed in the Audit log page.

The last 100,000 audit messages are stored on the com pact flash if there is one; otherwise, the last

100,000 audit messages are stored internally. You can onl y view the last 2000 through the web

interface, but you can download all stored audit messages (up t o the 100,000) as XML.

You can delete audit messages, but you cannot delete the m ost recent 400 audit messages. If you

delete any audit messages, that will be audited in a new audit message.

You cannot send the audit log to a syslog server.

Contents

Main Cisco TelePresence ISDN Gateway Version 2.1 Online help (printable format) D14659.03 March 2011 Contents Page Page Page Page Logging into the web interface Failing to log into the web interface Invalid passwords Getting started with the Cisco TelePresence ISDN Gateway Page Making calls with the Cisco TelePresence ISDN Gateway ISDN to IP calls IP to ISDN calls Using the auto attendant Using the Far End Camera Control Using the Cisco TelePresence ISDN Gateway for voice-only calls Configuring the Cisco TelePresence ISDN Gateway as a voice- only gateway Dial plan configuration Calling a PSTN telephone from an MCU Displaying ISDN port utilization Displaying the ISDN calls list Disconnecting and deleting calls Diagnostic controls Displaying detailed call information Page Understanding the dial plan Rules Using rules Rule ordering Displaying and testing the dial plan Displaying the rules list Page N x 56kbps: the call is a video call using Modifying the rules list Testing the dial plan Adding dial plan rules Adding and updating dial plan rules Adding dial plan rules Page Page Page Updating dial plan rules Adding and updating dial plan rules in leased line mode Adding dial plan rules Page Page Updating dial plan rules Example dial plan rules Allocating bandwidth using rules for IP to ISDN calls Allocating bandwidth using rules for ISDN to IP calls Forwarding ISDN calls to an operator or a conference Specifying voice-only IP to ISDN telephone calls Setting up dial plan rules when using TCS-4 ISDN to IP calls IP > ISDN > ISDN > IP calls Dial plan examples in leased line mode ISDN to IP dial plan (leased line mode) IP to ISDN dial plan (leased line mode) Dial plan syntax Syntax for conditions (Called number matches) Syntax for actions (Call this number) Page Displaying the built-in gatekeeper registration list Configuring the built-in gatekeeper Configuring neighboring gatekeepers Page Gatekeeper status ID view Registration view Displaying the user list Deleting users Adding and updating users Adding a user Updating a user Page Page Updating your user profile Changing your password Configuring network settings IP configuration settings IP status Ethernet configuration Ethernet status Page Automatic IPv6 address preferences DNS settings Configuring DNS settings Page Configuring IP routes settings Port preferences IP routes configuration Adding a new IP route Viewing and deleting existing IP routes Routes behavior with disabled ports Current IP status Configuring IP services Page Configuring SNMP settings System information Configured trap receivers Access control Configuring QoS settings About QoS configuration settings ToS configuration DiffServ configuration Default settings Network connectivity testing Configuring general ISDN settings Basic settings Page ISDN advanced settings Page ISDN codec settings ISDN multipoint settings Configuring ISDN ports settings Configuring ISDN ports settings (non-leased line mode) Port settings Page Page Configuring ISDN ports settings in leased line mode Port settings Configuring H.323 gatekeeper settings Gatekeeper settings Page Page Gatekeeper status Page Configuring encryption settings Displaying and resetting system time System time NTP Using NTP over NAT (Network Address Translation) Configuring security settings Advanced security mode Hashing passwords Password format Expiring passwords Upgrading and backing up the Cisco TelePresence ISDN Gateway Upgrading the main ISDN Gateway software image Upgrading the loader software image Backing up and restoring the configuration Enabling ISDN Gateway features Page Shutting down and restarting the Cisco TelePresence ISDN Gateway Displaying general status Displaying ISDN status Displaying hardware health status Displaying security status Working with the event logs Event log Event capture filter Event display filter Syslog Page Working with the audit logs Audit log Understanding security warnings Page Page Page Logging using syslog Syslog settings Using syslog Working with Call Detail Records Call Detail Record log controls Call Detail Record log Downloading and clearing the log CDR log display Further information about CDR time field Customizing the user interface Configuring user interface settings Controlling the auto-refreshing of status pages on the ISDN Gateway Configuring welcome messages for the Login and Home pages Customizing voice prompts on the ISDN Gateway Using default English voice prompts Uploading a customization package Viewing the available voice prompts Uploading and downloading customized voice prompts Downloading individual voice prompts Deleting customized voice prompts Voice prompt specification Making the best possible recordings Customization: More information Precedence The factory default file set Localization files Customization files Backing up and restoring the configuration using FTP Configuring SSL certificates Page Contact details and license information TANDBERG Software licenses AVC VIDEO RSA Data Security Inc. The Internet Society NetBSD Info-ZIP Independent JPEG Group's JPEG software The OpenSSL Project N.A.T. GmbH Spirit Corporation AES License HMAC License SHA1 License Lua Telenetworks Regents of the University of California DHCP Net-SNMP Page Page Page Page Page Contact details and license information Cisco TelePresence ISDN Gateway 2.1 Online help (Printable format) 135 of 135