Release Notes (AXL)

• The get_​devices example search now has a lastUpdated field, which is required in Cisco CDR 7.2 and higher

Version 1.2 (January 29^th, 2024)

• Functionality — Both the ciscoaxl and ciscoaxlquery commands now accept a ​“server” argument. When specified and set to either a full stanza name or a hostname from ciscoaxl.conf, it will query only that connection or in general those matching connections. Multiple values can be used, comma-separated.
• Functionality — Added a new command called ​“ciscoris” that when passed input rows containing both ​“name” and ​“clusterName” for some device name in UC, will query the cluster for various realtime information about that device.
• Fixed a bug in the ​“get_​devices_​example” savedsearch, where the final rows across all queries hosts were rolled up by deviceName, rather than by the unique combination of deviceName and clusterId. Formerly this would result in confusing multivalue rows whenever a device name was repeated across clusters.
• Fixed bad messaging when a 401 response is received back unexpectedly from the AXL API. Previously it would display a massive stack trace in the UI and now instead there is a much better and more helpful error message.

Version 1.1.10 (August 28^th, 2023)

• Removed compatibility with Python2 to prevent Splunk Appinspect from failing the app.

Version 1.1.9 (June 23, 2023)

• Added explicit keep-alive header, as this may help with connection issues against some publishers.
• Fixed a bug when the publisher returns a truncated SOAP response (IncompleteRead) to our very first request, instead of either running the query or returning the ​“Query Request Too Large” message.

Version 1.1.8 (May 12^th, 2023)

• Fixed a mistake in the logic that attempts more granular retries when a CM node returns incomplete response.

Version 1.1.7 (May 11^th, 2023)

• Fixed a problem that prevented the app homepage from loading correctly.

Version 1.1.6 (May 10^th, 2023)

• Improved behavior on SHC — previously you had to either configure ciscoaxl.conf on the deployer, or submit the credentials form separate only on each SHC member. Now changes made on the UI of one member are propagated to the others automatically. 
• Improvements to ciscoaxlquery to make it more resilient when CM nodes misbehave or network connection is unreliable — In unusual cases where a CallManager node will terminate responses in mid-stream even after the SQL has been broken up into appropriately small queries, the command will now drop down to a much larger set of much smaller queries. Although strange, we have seen this approach work consistently.
• Lower-tier users who attempt to run the app’s custom search commands now get an error message telling them that their user account lacks the required capabilities.
• Updated suds-py3 to 1.4.5.0
• Resolved some issues where manager pages were displaying errors when in this SA’s app context.
• Fixed some noisy logging being written to SA_cisco_cdr_axl.log
• Minimum supported version of Splunk is now 8.0

Version 1.1.5 (December 21^st, 2021)

• Critical Fixed a bug that made searches using the ​“ciscoaxlquery” command fail with an error.

Version 1.1.4 (December 15^th, 2021)

• Fixed a bug introduced in 1.1.1 that prevented much of the app’s functionality from working in Splunk 7.3. Note customers on Splunk 8 were unaffected by this bug and do not need this fix.

Version 1.1.3 (November 11^th, 2021)

• get_​devices_​example search has been updated to pull three additional fields. 1) directoryNumber. This is designed to pull the primary ​“line 1” DN or DiD number associated with the device. If no actual primary line is configured then this will fallback to pulling the secondary DN/​DiD in the list, and then after that tertiary etc. 2) axlHost – this is the host or ip address that was used in the AXL config. More or less the CUCM publisher. 3) axlPort – just for completeness this is the port that was used.

Version 1.1.2 (April 15^th, 2021)

• Sideview Utils is no longer required on Splunk 7.X, but Canary is now always required on both Splunk 7.X and 8.X.
• ciscoaxlquery command now will detect errors that say ​‘request is too large’ and break the query into smaller queries using skip+limit syntax, merging the results and returning a single unified result automatically.
• Default expression blacklist for ciscoaxlquery now checks for word boundaries before, reducing false positive matches.
• Canonical example query to pull devices information from AXL now includes two new fields – ​“className” and ​“subclassName”.

Version 1.1.1 (March 22^nd, 2021)

• Added a new optional key to the ciscoaxl.conf, ​“timeout”. This sets the SOAP read timeout in seconds, and it defaults to 600.

Version 1.1 (December 11^th, 2020)

• Support for connecting to multiple UCM nodes has been broadened such that you can now connect to AXL interface on multiple hosts even if the hosts have different UCM versions. To do this you use a new optional key in ciscoaxl.conf called ​“wsdl_​subdirectory”. This defaults to ​“bin” and while that remains the default choice for placing the AXLAPI.wsdl and AXLSoap.xsd files, you can now override it per stanza. You can set it to any other subdirectory or path within the SA_​cisco_​cdr_​axl_​app (such as ​“bin/11.5” or ​“wsdl/12.5” etc), and for that stanzas’ SOAP connection ti will use the wsdl/​xsd files it files in the given subdirectory.

Version 1.0.1 (November 6^th, 2020)

• Fixed a bug where the form to create a new credential would fail to set the password in Splunk’s storage passwords system, and the user would have to post the password a second time in ​“update existing credentials” before it would get set.
• The old macro for ​‘generate_​rows_​for_​devices_​lookup’ has been superseded by a much better and more complete saved search called ​‘get_​devices_​example’. To implement,
  1. Find the search ​“get_​devices_​example” in ​“Searches, Reports and Alerts” and clone it.
  2. Run the cloned search manually and confirm it returns good results.
  3. Edit that cloned search, append ‘| outputlookup devices‘ to the end of the search and save it.
  4. Edit the schedule of the cloned search to run on a periodic schedule (perhaps once per night?)

Version 1.0 (June 26^th, 2020)

• The app now contains a simple UI that can be used to enter auth information. Specifically, the hosts, ports, usernames, and passwords required to connect to AXL on CUCM nodes. Furthermore, the passwords are now stored in Splunk’s password storage instead of being written in plaintext in the ciscoaxl.conf file
• Various logging improvements.
• Raised the minimum required version of the Canary app to 1.3.1, and the minimum version of Splunk to 7.0
• Updated the commands to specify that Splunk should run them in python3

Version 0.9.2 (September 19^th, 2019)

• Some fixes for when the app is running in the Canary UI.
• Added a key to server.conf so that when admins update the Sideview license.
  on any Clustered Search Head, that license change will be propagated to the
  other SHC members.

Version 0.9.1 (August 14^th, 2019)

• Screened some confusing error messages out of the update_​license page.
• improvements to exception handling in cases where the connection is
  misconfigured or the wsdl/​xsd files are wrong.

Version 0.9 (August 2^nd, 2019)

• improvements to how available method names are returned from | ciscoaxl help
• Python code cleanup to work with both Python2.7 and Python 3

Version 0.8 (June 2019)

• App now contains its own licensing and license enforcement mechanism, as well
  as a simple user interface to update said license.

Version 0.7.2 (May 2019)

• If methodwhitelist or queryblacklist are ever set to blank values, then the
  ciscoaxl command and the ciscoaxlquery commands respectively will refuse to
  run, due to there being a risk that the blank key is unintentional and the
  result of a misconfiguration.

Version 0.7.1 (April 30^th, 2019)

• Updating the SOAP client code to pass an Authentication header that is
  required if SAML SSO is configured. This change still seems to work in
  ​“normal” UCM configurations though, so enabling this for all cases.

Version 0.7 (April 25^th, 2019)

• Fixed a problem where sometimes ciscoaxl command would throw an exception
  if no results came back from soap, instead of just returning 0 results.

Version 0.6 (April 10^th, 2019)

• Added EXEC, EXECUTE, and PUT to the default queryblacklist regex.
• improved exception handling and messaging around common misconfiguration
  cases where the app cannot connect to the host, or where auth is rejected.
• Added exception handling where if the whitelist or blacklist fails to parse
  as a regex at all or throws an unexpected exception the commands fail.