Monday, December 10, 2018

Cisco CME - Emergency Call History Notification - Part 1

Here is one way to monitor those 911/emergency calls on a Cisco CME system.
In a later post, I will explain how we use that demoLock.txt file to send broadcasts to other phones using the Push2Phone.php file provided by Cisco's IP Services development kit.

Using Cisco's Event Manager applets we can monitor any dial peer and send out notifications to end users.

Basic Required Settings
event manager environment _email_from it.voip@emailhost.ca
event manager environment _email_to it.voip@emailhost.ca
event manager environment _email_server mail.emailhost.ca
voice emergency response settings
 elin 5555551234

Sample dial-peers (We use an 'Emergency lockdown' number for paging)
dial-peer voice 1407 pots
 description Emergency Paging
 emergency response zone
 preference 1
 destination-pattern 1407
 port 0/1/0
 prefix ,07#
dial-peer voice 600 pots
 trunkgroup pstn-outgoing
 description 911
 emergency response zone
 preference 1
 destination-pattern 911
 forward-digits all
Create a syslog event monitor that is trigger when one of the dial peers is called.
event manager applet Emergency_Call_Out
event syslog occurs 1 pattern "E911-5-EMERGENCY_CALL_HISTORY" period 1
Find the hostname and set the destination email (if you want to use something other than what was declared in the Basic Required Settings)
 action 001      cli command "enable"
 action 001.1    foreach line "$_cli_result" "\n"
 action 001.2     regexp "#" "$line"
 action 001.3     if $_regexp_result eq "1"
 action 001.4      set result_host "$line"
 action 001.5      regexp "[A-Za-z]+\-" "$line" result_Site
 action 001.6     end
 action 001.7    end
 action 001.8    set _email_to "voipgroupnotify@emailhost.ca"

Do some regexp work to extract the "Calling number, Mac-address & IP address" of the call being placed - used for logging purposes.
 action 002.01   set result_Ext "Empty"
 action 002.02   regexp "calling number\[([0-9]+)\]" "$_syslog_msg" result_Ext
 action 002.03   regexp "([0-9]+)" "$result_Ext" result_Ext
 action 002.10   set result_Mac "Empty"
 action 002.11   cli command "show ephone telephone-number $result_Ext | include mac-address"
 action 002.12   foreach line "$_cli_result" "\n"
 action 002.13    regexp "(.*)\.(.*)\.(.*)" "$line"
 action 002.14    if $_regexp_result eq "1"
 action 002.15     regexp "....\.....\....." "$line" result_Mac
 action 002.16    end
 action 002.17   end

 action 002.20   set result_IP "Empty"
 action 002.21   cli command "show ephone $result_Mac | include IP"
 action 002.22   foreach line "$_cli_result" "\n"
 action 002.23    regexp "10\.174\....\...." "$line"
 action 002.24    if $_regexp_result eq "1"
 action 002.25     regexp "10\.174\.[0-9]+\.[0-9]+" "$line" result_IP
 action 002.26    end
 action 002.27   end
 action 002.30   if $result_Mac eq "Empty"
 action 002.31    cli command "show voice register pool telephone-number $result_Ext | include 10.174"
 action 002.32    foreach line "$_cli_result" "\n"
 action 002.33     regexp "(.*)\.(.*)\.(.*)" "$line"
 action 002.34     if $_regexp_result eq "1"
 action 002.35      regexp "....\.....\....." "$line" result_Mac
 action 002.36     end
 action 002.37     regexp "10\.174\....\...." "$line"
 action 002.38     if $_regexp_result eq "1"
 action 002.39      regexp "10\.174\.[0-9]+\.[0-9]+" "$line" result_IP
 action 002.40     end
 action 002.41    end
 action 002.42   end
Getting the "Called Number" (Regular numbers and E164 format)
 action 002.50   set result_Called "Empty"
 action 002.51   regexp "called number\[([0-9]+)\]" "$_syslog_msg" result_Called
 action 002.52   regexp "([0-9]+)" "$result_Called" result_Called
 action 002.53  if $result_Called eq "Empty"
 action 002.53.01 regexp "called number\[\+([0-9]+)\]" "$_syslog_msg" result_Called
 action 002.53.02 regexp "([0-9]+)" "$result_Called" result_Called
 action 002.53.03 end
 Copy the results to the flash
 action 003.01.01 set result_Final "$result_Site $result_Ext $result_Mac $result_IP $result_Called"
 action 003.02.01 file open fh flash:911.txt w
 action 003.02.02 file write fh $result_Final
 action 003.02.03 file close fh
Copy to an offsite TFTP server. (The "no file prompt quiet" - prevents prompt for file names)
 action 003.03 cli command "configure terminal"
 action 003.04 cli command "file prompt quiet"
 action 003.05 cli command "end"
 action 003.06.01 if $result_Called eq "911"
 action 003.06.02  cli command "copy flash:911.txt tftp://eventlogger/demo911.txt"
 action 003.06.03 else
 action 003.06.04  cli command "copy flash:911.txt tftp://eventlogger/demoLock.txt"
 action 003.06.05 end
 action 003.07 cli command "configure terminal"
 action 003.08 cli command "no file prompt quiet"
 action 003.09 cli command "end"
 Send an email with the information
 action 003.10  mail server "$_email_server" to "$_email_to" from "$_email_from" subject "$result_host $_event_pub_time: Emergency call out $result_Called" body "Extension $result_Ext called $result_Called. Notification was sent to phones."
Posted by at
Labels: , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)