Cisco Unity Express 2.2 System Monitoring Guide
Implementing System Monitoring
Download this chapter
Implementing System MonitoringImplementing System Monitoring
 Feedback

Table Of Contents

Implementing System Monitoring

Platforms and Software Images

Prerequisites for Implementing System Monitoring on Cisco Unity Express

Configuring System Monitoring for Cisco Unity Express

Enabling the SNMP Agent, Passwords, and Trap Server

Restrictions

Prerequisites

Verifying the Enabling of the SNMP Agent, Passwords, and Trap Server

Setting Threshold Values for User Responses

Restrictions

Prerequisites

Verifying the SNMP Login and PIN Notification Thresholds

Enabling Cisco Unity Express Shutdown Requests

Restrictions

Verifying the Enabling of Shutdown Requests

Troubleshooting


Implementing System Monitoring

The Cisco Unity Express System Monitoring Guide describes the set of Cisco Unity Express (CUE) command-line interface (CLI) commands and tasks for configuring the Cisco Unity Express module to monitor the health, conduct performance monitoring, data collection, and trap management for Cisco Unity Express voicemail and auto attendant applications.

See the Cisco Unity Express SNMP MIB Release 2.2 Guide for details about the CISCO-UNITY-EXPRESS-MIB.

The system monitoring commands are not available through the Cisco Unity Express Graphical User Interface (GUI).

This chapter contains the following sections:

Platforms and Software Images

Prerequisites for Implementing System Monitoring on Cisco Unity Express

Configuring System Monitoring for Cisco Unity Express

Troubleshooting

Platforms and Software Images

See the Release Notes for Cisco Unity Express 2.2 for detailed information about the Cisco Unity Express hardware and software platforms that support the system monitoring capability.

Prerequisites for Implementing System Monitoring on Cisco Unity Express

See theCisco Unity Express SNMP MIB Release 2.2 Guide for details about installing the CISCO-UNITY-EXPRESS-MIB on the Cisco Unity Express module.

Configuring System Monitoring for Cisco Unity Express

Configuring system monitoring on Cisco Unity Express requires the following procedures:

Enabling the SNMP Agent, Passwords, and Trap Server

(Optional) Setting Threshold Values for User Responses

(Optional) Enabling Cisco Unity Express Shutdown Requests

Enabling the SNMP Agent, Passwords, and Trap Server

Activating the SNMP system monitoring on Cisco Unity Express requires the following tasks:

Enabling the SNMP agent.

Specifying the SNMP notification passwords.

Specifying at least one host server that will receive the notifications.

Restrictions

Be sure that the appropriate MIBs are installed. See theCisco Unity Express SNMP MIB Release 2.2 Guide for details.

Prerequisites

Passwords that permit users to retrieve and change SNMP information. Specify whether these passwords will have read-only or read-write privileges. The system supports a maximum of 5 read-only and 5 read-write passwords. Each password may have a maximum of 15 alphanumeric characters, including letters A to Z, letters a to z, digits 0 to 9, underscore (_), and hyphen (-).

IP address and password of the host server that will receive the SNMP information. If no host is defined, the system discards the trap information. The system supports a maximum of 5 servers. The password does not have to be the same as the user passwords.

No host is considered the primary host. The system sends the SNMP notifications to all enabled hosts.

(Optional) Server contact and location information.

SUMMARY STEPS

1. config t

2. snmp-server community community-string {ro | rw}

3. snmp-server enable traps

4. snmp-server host host-ipaddress community-string

5. (Optional) snmp-server contact contact-string

6. (Optional) snmp-server location location-string

7. end

8. copy running-config startup-config

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

config t

Example: 
se-10-0-0-0# config t

Enters configuration mode.

Step 2 

snmp-server community community-string {ro | rw}

Example:

se-10-0-0-0(config)# snmp-server community myaccess rw

se-10-0-0-0(config)# snmp-server community youraccess ro

Enables the SNMP agent and defines SNMP passwords.

community-string—Specifies an SNMP password. The maximum length is 15 alphanumeric characters, which includes letter A to Z, letters a to z, digits 0 to 9, underscore (_), and hyphen (-). The first character does not have to be a letter.

ro—The password has read-only capability. The system supports a maximum of 5 ro passwords.

rw—The password has read and write capabilities. The system supports a maximum of 5 rw passwords.

Step 3 

snmp-server enable traps

Example:

se-10-0-0-0(config)# snmp-server enable traps

Enables SNMP traps. SNMP traps are disabled by default.

Use this command in conjunction with the snmp-server host command to identify at least one server that will receive the SNMP notifications.

Step 4 

snmp-server host host-ipaddress community-string

Example:

se-10-0-0-0(config)# snmp-server host 172.16.100.10 iminhere

se-10-0-0-0(config)# snmp-server host 172.16.100.20 bigtraps

se-10-0-0-0(config)# snmp-server host 172.16.100.30 traps4cue


Specifies a server that accepts the SNMP notifications.

host-ipaddress—IP address of the server. Enable at least one host. The system supports a maximum of 5 hosts.

community-string—Specifies an SNMP password. The maximum length is 15 alphanumeric characters. This password does not have to be the same as those defined with the snmp-server community command.

Step 5 

snmp-server contact "ontact-string"

Example:

se-10-0-0-0(config)# snmp-server contact "Dial 71111 for system operator"

(Optional) Specifies SNMP server contact information. Maximum length is 31 alphanumeric characters. This value sets the MIB's sysContact string. Enclose the text in double quotes (" ").

Step 6 

snmp-server location "location-string"

Example:

se-10-0-0-0(config)# snmp-server location "Bldg A NYC"

(Optional) Specifies SNMP server location information. Maximum length is 31 alphanumeric characters. This value sets the MIB's sysLocation string. Enclose the text in double quotes (" ").

Step 7 

end

Example:

se-10-0-0-0(config)# end

Exits configuration mode.

Step 8 

copy running-config startup-config

Example:

se-10-0-0-0# copy running-config startup-config

Saves the configuration changes.

Verifying the Enabling of the SNMP Agent, Passwords, and Trap Server

Use the show snmp configuration command in Cisco Unity Express EXEC mode to display the SNMP agent status and passwords.

The following example shows output from the show snmp configuration command: 

se-10-0-0-0# config t


Enter configuration commands, one per line.  End with CNTL/Z.

se-10-0-0-0(config)# snmp-server community myaccess rw

se-10-0-0-0(config)# snmp-server community iminhere ro

se-10-0-0-0(config)# snmp-server enable traps

se-10-0-0-0(config)# snmp-server host 172.16.160.224 bigtraps

se-10-0-0-0(config)# snmp-server contact "Dial 71111 for system operator"

se-10-0-0-0(config)# snmp-server location "Bldg A NYC"

se-10-0-0-0(config)# end


se-10-0-0-0# show snmp configuration

Contact:              Dial 71111 for system operator

Location:             Bldg A NYC

Community 1 RO:       iminhere

Community 1 RW:       admin_main

Community 2 RW:       myaccess

Traps:                enabled

Host Community 1:     172.16.160.224 bigtraps

cueShutdownRequest:   disabled

se-10-0-0-0#

Setting Threshold Values for User Responses

Tracking spikes in the number of failures that occur within a short period of time for certain user actions helps to identify possible security breaches in the system.

Each user action has a default threshold value. Use the commands in this section if you want to change the default values.

Cisco Unity Express supports setting thresholds for the number of failures in a 5-minute interval for the following user actions:

Logging in.

Entering a password.

Entering a personal identification number (PIN) user ID.

Entering a PIN password.

Resetting a PIN.

When the number of attempts reaches the action's threshold, the system sends a notification to the SNMP host.

Restrictions

Be sure that the appropriate MIBs are installed. See the Cisco Unity Express SNMP MIB Release 2.2 Guide for details.

Prerequisites

Number of times the following can occur before the system sends a notification to the SNMP host:

Password errors (default is 30)

Login errors (default is 30)

PIN password errors (default is 30)

PIN resets (default is 5)

PIN user ID errors (default is 30)

SUMMARY STEPS

1. config t

2. (Optional) notification security login user threshold

3. (Optional) notification security login password threshold

4. (Optional) notification security pin uid threshold

5. (Optional) notification security pin password threshold

6. (Optional) notification security pin reset threshold

7. end

8. copy running-config startup-config

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

config t

Example: 
se-10-0-0-0# config t

Enters configuration mode.

Step 2 

notification security login user threshold

Example:

se-10-0-0-0(config)# notification security login user 10

(Optional) Sets the number of invalid login names within a 5-minute interval to threshold. If the number of failures exceeds this value, the system sends a notification to the SNMP host.

The default value is 30. Valid values are 0 to 999.

Step 3 

notification security login password threshold

Example:

se-10-0-0-0(config)# notification security login password 6

(Optional) Sets the number of invalid login passwords within a 5-minute interval to threshold. If the number of failures exceeds this value, the system sends a notification to the SNMP host.

The default value is 30. Valid values are 0 to 999.

Step 4 

notification security pin uid threshold

Example:

se-10-0-0-0(config)# notification pin uid 12

(Optional) Sets the number of invalid PIN user IDs within a 5-minute interval to threshold. If the number of failures exceeds this value, the system sends a notification to the SNMP host.

The default value is 30. Valid values are 0 to 999.

Step 5 

notification security pin password threshold

Example:

se-10-0-0-0(config)# notification security pin password 8

(Optional) Sets the number of invalid PIN passwords within a 5-minute interval to threshold. If the number of failures exceeds this value, the system sends a notification to the SNMP host.

The default value is 30. Valid values are 0 to 999.

Step 6 

notification security pin reset threshold

Example:

se-10-0-0-0(config)# notification security pin rest 3

(Optional) Sets the number of PIN password resets within a 5-minute interval to threshold. If the number of resets exceeds this value, the system sends a notification to the SNMP host.

The default value is 5. Valid values are 0 to 999.

Step 7 

end

Example:

se-10-0-0-0(config)# end

Exits configuration mode.

Step 8 

copy running-config startup-config

Example:

se-10-0-0-0# copy running-config startup-config

Saves the configuration changes.

Verifying the SNMP Login and PIN Notification Thresholds

Use the show notification configuration command in Cisco Unity Express EXEC mode to display the SNMP login and password notification thresholds.

The following example shows output from the show notification configuration command: 

se-10-0-0-0# config t

Enter configuration commands, one per line.  End with CNTL/Z.

se-10-0-0-0(config)# notification security login user 10

se-10-0-0-0(config)# notification security login password 6

se-10-0-0-0(config)# notification security pin uid 12

se-10-0-0-0(config)# notification security pin password 8

se-10-0-0-0(config)# notification security pin reset 3

se-10-0-0-0(config)# end

se-10-0-0-0# show notification configuration

Login user threshold:         10    (errors within a 5 minute interval)

Login password threshold:     6     (errors within a 5 minute interval)

PIN uid threshold:            12    (errors within a 5 minute interval)

PIN password threshold:       8     (errors within a 5 minute interval)

PIN reset threshold:          3     (resets within a 5 minute interval)

se-10-0-0-0#

Enabling Cisco Unity Express Shutdown Requests

Enabling shutdown requests allows the Cisco Unity Express module to be gracefully halted. For example, suppose an uninterruptible power supply (UPS) sends a power out alert to the Cisco Unity Express management application. The management application would send an SNMP shutdown request to bring down the Cisco Unity Express module while power is still supplied from the UPS.

For security reasons, the shutdown capability is disabled by default.

To reset the Cisco Unity Express module, use the service-module service-engine slot/port reset command on the router housing the module.

Restrictions

Be sure that the appropriate MIBs are installed. See the Cisco Unity Express SNMP MIB Release 2.2 Guide for details.

SUMMARY STEPS

1. config t

2. snmp-server enable cueShutdownRequest

3. end

4. copy running-config startup-config

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

config t

Example: 
se-10-0-0-0# config t

Enters configuration mode.

Step 2 

snmp-server enable cueShutdownRequest

Example:

se-10-0-0-0(config)# snmp-server enable cueShutdownRequest

Enables Cisco Unity Express shutdown requests. Shutdown requests are disabled by default.

Step 3 

end

Example:

se-10-0-0-0(config)# end

Exits configuration mode.

Step 4 

copy running-config startup-config

Example:

se-10-0-0-0# copy running-config startup-config

Saves the configuration changes.

Verifying the Enabling of Shutdown Requests

Use the show snmp configuration command in Cisco Unity Express EXEC mode to display the status of the shutdown request capability.

The following example shows output from the show snmp configuration command: 

se-10-0-0-0# show snmp configuration

Contact:              Dial 71111 for system operator

Location:             Bldg A NYC

Community 1 RO:       iminhere

Community 1 RW:       admin_main

Community 2 RW:       myaccess

Traps:                enabled

Host Community 1:     172.16.160.224 bigtraps

cueShutdownRequest    enabled

se-10-0-0-0#

Troubleshooting

Use the following trace commands in Cisco Unity Express EXEC mode to display the SNMP and management data activity:

trace snmp {agent all | agent debug | all}—Enables tracing of SNMP activities.

trace management {agent all | agent debug | all}—Enables tracing of management data requests.

The following examples display sample output of these commands: 

se-10-0-0-0# trace snmp agent all 

se-10-0-0-0# show trace buffer tail 


4280 06/03 10:10:31.035 snmp agnt 1 
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxPercentTimeUsed,0) = cueMboxPercentTimeUsed 
4280 06/03 10:10:31.100 snmp agnt 1 
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfMessages,1) 
4280 06/03 10:10:31.100 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.109 snmp agnt 1 
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfMessages,1) = cueMboxNumberOfMessages 
4280 06/03 10:10:31.171 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfMessages,0) 
4280 06/03 10:10:31.171 snmp agnt 1 
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.180 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfMessages,0) = cueMboxNumberOfMessages 
4280 06/03 10:10:31.241 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfNewMessages,1) 
4280 06/03 10:10:31.241 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.250 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfNewMessages,1) = cueMboxNumberOfNewMessages 
4280 06/03 10:10:31.313 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfNewMessages,0) 
4280 06/03 10:10:31.313 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.322 snmp agnt 1 
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfNewMessages,0) = cueMboxNumberOfNewMessages 
4280 06/03 10:10:31.384 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfSavedMessages,1) 
4280 06/03 10:10:31.385 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.393 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfSavedMessages,1) =cueMboxNumberOfSavedMessages 
4280 06/03 10:10:31.454 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfSavedMessages,0) 
4280 06/03 10:10:31.455 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.MBeanUtil.invoke(Voicemail:name=Stats,MboxStatsTableValue,<parms
>,<signature>) 
4280 06/03 10:10:31.463 snmp agnt 1  
com.cisco.aesop.mgmt.snmp.SnmpNative.SnmpTableGetLong(CISCO-UNITY-EXPRESS-MIB,cueMboxTable
,cueMboxNumberOfSavedMessages,0) =cueMboxNumberOfSavedMessages 


se-10-0-0-0# trace management agent all 

se-10-0-0-0# show trace buffer tail 


087 06/03 10:18:42.523 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.JTAPI.getJTAPConnectionStatus out 
087 06/03 10:18:42.523 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.VoiceConnectivity.getUpdateStatus in 
087 06/03 10:18:42.523 mgmt agnt 1 com.cisco.aesop.mgmt.voicemail.VoiceConnectviity.update 
in 
087 06/03 10:18:42.524 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.VoiceConnectivity.udpateTables in 
087 06/03 10:18:42.525 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/protorbcp,device) 
087 06/03 10:18:42.526 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/hw/eth/eh0,ip,addrdefault) 
087 06/03 10:18:42.529 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.JTAPIUtil.gettapiPortStatus in 
087 06/03 10:18:42.574 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.JTAPIUtil.gettapiPortStatus {3504={id=3, implid=3504, 
state=IDLE}, 3503={id=0, implid=3503,tate=IDLE}, 3502={id=1, implid=3502, state=IDLE}, 
3500={id=2, implid=3500, stat=IDLE}} 
087 06/03 10:18:42.574 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.JTAPIUtil.gettapiPortStatus out 
087 06/03 10:18:42.576 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/apps/f/ccnapps/configurations/craAesop/ccnwfapp,wfj
tapi,ciscoccnatcallmanager) 
087 06/03 10:18:42.581 mgmt agnt 1 com.cisco.aesop.mgmt.voicemail.JTAPIUtil.getctiveCCM in 
087 06/03 10:18:42.581 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/limit,global,applicationMode) 
087 06/03 10:18:42.602 mgmt agnt 1 com.cisco.aesop.mgmt.voicemail.JTAPIUtil.getctiveCCM 
out 
087 06/03 10:18:42.604 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/apps/f/ccnapps/configurations/craAesop/ccnwfapp,wfs
ip,providerHostname) 
087 06/03 10:18:42.607 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/apps/f/ccnapps/configurations/craAesop/ccnwfapp,wfs
ip,providerHostname) 
087 06/03 10:18:42.610 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/apps/f/ccnapps/configurations/craAesop/ccnwfapp,wfs
ip,providerPortnumber) 
087 06/03 10:18:42.614 mgmt agnt 1 
com.cisco.aesop.mgmt.SysdbUtil.get(/sw/limit,global,applicationMode) 
087 06/03 10:18:42.615 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.VoiceConnectivity.udpateTables out 
087 06/03 10:18:42.615 mgmt agnt 1 com.cisco.aesop.mgmt.voicemail.VoiceConnectivity.update 
out 
087 06/03 10:18:42.616 mgmt agnt 1 
com.cisco.aesop.mgmt.voicemail.VoiceConnectivity.getUpdateStatus out