Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

External Systems Configuration Guide

Avaya Call Manager

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

SNMP

Application type

System metrics: Uptime, Interface utilization

Performance Monitoring

SFTP

 

Call Description Records (CDR): Calling Phone IP, Called Phone IP, Call Duration

Performance and Availability Monitoring

Event Types

Avaya-CM-CDR: Avaya CDR Records

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.  

SFTP

SFTP is used to send Call Description Records (CDRs) to FortiSIEM.

Configure FortiSIEM to Receive CDR Records from Avaya Call Manager

  1. Log in to your FortiSIEM virtual appliance as root over SSH.
  2. Change the directory.
    cd /opt/phoenix/bin
  3. Create an FTP account  for user ftpuser with the home directory /opt/phoenix/cache/avayaCM/<call-manager-ip>. If this is the first time you have created a Call Manager definition, you will be prompted for the ftpuser password. When you create subsequent Call Manager definitions, the same password will be used, and you will see a Success message when the definition is created.
  4. The CDR records do not have field definitions, but only values. Field definitions are needed to properly interpret the values. Make sure that the CDR fields definitions matches the default one supplied by FortiSIEM in /opt/phoenix/config/AvayaCDRConfig.csv.

    FortiSIEM will interpret the CDR record fields according to the field definitions specified in:/opt/phoenix/config/AvayaCDRConfig.csv and generate events like the following:

    Wed Feb 4 14:37:41 2015 1.2.3.4 FortiSIEM-FileLog-AvayaCM [Time of day-hours]="11" [Time of day-minutes]="36" [Duration-hours]="0" [Duration-minutes]="00" [Duration-tenths of minutes]="5" [Condition code]="9" [Dialed number]="5908" [Calling number]="2565522011" [FRL]="5" [Incoming circuit ID]="001" [Feature flag]="0" [Attendant console]="8" [Incoming TAC]="01 1" [INS]="0" [IXC]="00" [Packet count]="12" [TSC flag]="1"

Configure Avaya Call Manager to Send CDR Records to FortiSIEM

  1. Log in to Avaya Call Manager.
  2. Send CDR records to FortiSIEM by using this information
  3. Field Value
    Host Name/IP Address <FortiSIEM IP Address>
    User Name ftpuser
    Password <The password you created for ftpuser>
    Protocol SFTP
    Directory Path /opt/phoenix/cache/
    avayaCM/<call-manager-ip>

Settings for Access Credentials in FortiSIEM

See Access Credentials to set access and protocol for SMTP, SSH, and Telnet.

Avaya Call Manager

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

SNMP

Application type

System metrics: Uptime, Interface utilization

Performance Monitoring

SFTP

 

Call Description Records (CDR): Calling Phone IP, Called Phone IP, Call Duration

Performance and Availability Monitoring

Event Types

Avaya-CM-CDR: Avaya CDR Records

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.  

SFTP

SFTP is used to send Call Description Records (CDRs) to FortiSIEM.

Configure FortiSIEM to Receive CDR Records from Avaya Call Manager

  1. Log in to your FortiSIEM virtual appliance as root over SSH.
  2. Change the directory.
    cd /opt/phoenix/bin
  3. Create an FTP account  for user ftpuser with the home directory /opt/phoenix/cache/avayaCM/<call-manager-ip>. If this is the first time you have created a Call Manager definition, you will be prompted for the ftpuser password. When you create subsequent Call Manager definitions, the same password will be used, and you will see a Success message when the definition is created.
  4. The CDR records do not have field definitions, but only values. Field definitions are needed to properly interpret the values. Make sure that the CDR fields definitions matches the default one supplied by FortiSIEM in /opt/phoenix/config/AvayaCDRConfig.csv.

    FortiSIEM will interpret the CDR record fields according to the field definitions specified in:/opt/phoenix/config/AvayaCDRConfig.csv and generate events like the following:

    Wed Feb 4 14:37:41 2015 1.2.3.4 FortiSIEM-FileLog-AvayaCM [Time of day-hours]="11" [Time of day-minutes]="36" [Duration-hours]="0" [Duration-minutes]="00" [Duration-tenths of minutes]="5" [Condition code]="9" [Dialed number]="5908" [Calling number]="2565522011" [FRL]="5" [Incoming circuit ID]="001" [Feature flag]="0" [Attendant console]="8" [Incoming TAC]="01 1" [INS]="0" [IXC]="00" [Packet count]="12" [TSC flag]="1"

Configure Avaya Call Manager to Send CDR Records to FortiSIEM

  1. Log in to Avaya Call Manager.
  2. Send CDR records to FortiSIEM by using this information
  3. Field Value
    Host Name/IP Address <FortiSIEM IP Address>
    User Name ftpuser
    Password <The password you created for ftpuser>
    Protocol SFTP
    Directory Path /opt/phoenix/cache/
    avayaCM/<call-manager-ip>

Settings for Access Credentials in FortiSIEM

See Access Credentials to set access and protocol for SMTP, SSH, and Telnet.