[cisco-voip] CDR on cucm analysis reports-Fraud Calls

Nazar Shabour nizarshabour at gmail.com
Fri Jun 16 20:44:35 EDT 2017 

hi
Thanks ,after I have made the analysis ,the  original device shown is the
ip address of Expressways (E&C), no IP phone nor user ID shown at all ,
on the Expressway ,with the aid of the TAC I found that somebody spoofing
our domain name & sip URI to redirect that call to him



On Thu, Jun 15, 2017 at 10:52 PM, Brian Meade <bmeade90 at vt.edu> wrote:

> What is the origDevice listed in the CDRs?
>
> On Thu, Jun 15, 2017 at 3:03 PM, Nazar Shabour <nizarshabour at gmail.com>
> wrote:
>
>> Dears ,
>>
>> Please can your give insight on how to  find out "unspecifieduser" on
>> thine CDR reports that has costed us thousands of US placing international
>> and long distance calls ,I cant find any ext real one that he/she uses to
>> place the calls the ext is within the dial-plan but not
>> configured ,thus user uses it to make the calls.
>> Any thoughts are valuable ,
>>
>>
>> Thanks
>>
>> AbuAlneez,
>>
>>
>> On Mon, May 22, 2017 at 11:06 AM, Gary Parker <G.J.Parker at lboro.ac.uk>
>> wrote:
>>
>>>
>>> > On 21 May 2017, at 22:34, Brian Meade <bmeade90 at vt.edu> wrote:
>>> >
>>> > CAR DB only holds up to 30 days.  You need a billing server to offload
>>> CDR to if you need to keep info longer than that.
>>> >
>>> > On Fri, May 19, 2017 at 4:29 PM, Jonatan Quezada <
>>> jonatan.quezada at chemeketa.edu> wrote:
>>> > does anyone have any insight on where to adjust how far back to report
>>> on. I get a limit when I try a report older than a month. We should be able
>>> to go back for a year? right. if this is a setting for how long to archive
>>> call details, where do i change that?
>>>
>>> If you don’t already have billing server, can’t get the budget for one
>>> or want something a bit different to the regular packages, I can highly
>>> recommend Damien Hauser’s CUCM/ELK integration tools. You it’s free (all
>>> based on open source tools) and gives you a full elasticsearch database of
>>> CDR/CMR database with a Kibana frontend and logstash ingest. There’s even a
>>> load of pre-configured reports and visualisations for you to modify for
>>> your own needs.
>>>
>>> GitHub repo here:
>>> https://github.com/damhau/cucm-cdr
>>>
>>> Some more detailed installation instructions here:
>>> https://damienetwork.wordpress.com/2015/10/09/elk-setup-for-cucm-cdr/
>>>
>>> You *will* need a working knowledge of linux to get this working but the
>>> results are worth it, imho. We get a lot more useful technical information
>>> out of this than we do our Tiger call logger/billing platform.
>>>
>>>
>>> ---
>>> /-Gary Parker----------------------------------f--\
>>> |     Unified Communications Service Manager      |
>>> n      Loughborough University, IT Services       |
>>> |     tel:+441509635635 sip:gary at lboro.ac.uk      o
>>> |     http://delphium.lboro.ac.uk/pubkey.txt      |
>>> \r----------------------------------------------d-/
>>>
>>> _______________________________________________
>>> cisco-voip mailing list
>>> cisco-voip at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20170617/2016cbbe/attachment.html>

More information about the cisco-voip mailing list