Capturing and Exporting Packets on Cisco Unified Communications Manager (CUCM) with CLI and RTMT
ฝัง
- เผยแพร่เมื่อ 8 ก.ย. 2024
- In this video I look at how to take a basic packet capture, how to filter it by host, export the file via both SFTP as well as RTMT and then clean up and delete the capture files when done with the troubleshooting.
0:37 - Capturing
4:25 - Exporting capture from the CLI
6:38 - Exporting with RTMT
8:53 - Cleaning up old capture files
Some of the commands I leverage in the video:
utils network capture - Captures all traffic and dumps to the screen
file get activelog platform/cli/Cap.cap - SFTP's the capture file to a remote server
file get activelog platform/cli/*.cap - Send all captures to a remote server
utils network capture eth0 file Cap01 count 10000 size all host ip 10.100.112.10 - capture all traffic between this CUCM and the 10.100.112.10 phone
file list activelog /platform/cli/ date detail - Show all captures on the system
file delete activelog /platform/cli/*.cap - Delete all captures on the system
#Cisco #CUCM
Do you use this feature often? Is there anything you would add to this tutorial? Let me know here!
Brother you are great
Thanks!
i can't write to correctly "Download directory" when i want to download cap01.cap file. how write to correctly the location in cli cucm ? my sftp location is "C:\SFTP_Root" . Many thanks
SFTP will be a remote location from the perspective of the CUCM
@@TheTechCatalyst Yeah, I understood, but I need to specify the path in the cli. How write this path "C:\SFTP_Root" in the command line????
Many thanks,sir
@@abukhadijah21 CUCM would never know what drive letter the folder is in.
Hi, great tutorial. Would you consider adding packets capture toward Cube facing interface?
You certainly could if needed. I personally always start with log files before going to packet captures for actual SIP messages. Check out my Translator X video as well if you haven't seen it before. th-cam.com/video/xT8Oyrgt0uE/w-d-xo.html
It is a mizing video and I actually looking for it, but in CLI I but the tftp server or what that IP address can I ssh to it?
Thanks in advance 👍
I'm not 100% sure I understand the question... If you SSH into your CUCM server(s) you can run this from there. In a small environment you might have a single server, in a large enterprise there could be a dozen with TFTP separated off into its own host.