Splunk Cloud

Although most of the machinery will of course be up on Splunk Cloud, you will still need a host locally to run an SFTP server, and to also run a Splunk Forwarder that will send the SFTP’ed files up to Splunk Cloud.

Here are the full steps to set everything up:

1) In Splunk Cloud

  • Install the apps
    • Log into Splunk Cloud as an admin, go to “Apps” and then “Manage Apps”, click the “Browse More Apps” button in the top right.
    • Use the textbox in the top left to search for “Canary”, and when you see Sideview’s Canary app click “Install”.
    • Next do the same to find our “Cisco CDR Reporting and Analytics” app, and click “Install” again

    Note that if you have any problem installing the apps yourself you can also ask Splunk Support to do so with a ticket. Also if Splunk ever says that our apps can’t be installed in Cloud for any reason, let us know and we’ll get it straightened out quickly.

  • enter the Cisco CDR app’s license key
    • If you don’t have one yet you can get one here.
    • Navigate to the Cisco CDR Reporting and Analytics app, click Setup > Update License to paste it in. (Alternate instructions)
  • create a new index
    • Navigate to to Settings > Indexing and create a new index called “cisco_cdr”

2) On Your SFTP Server Host

  • Set up the SFTP server software
    • Here are some pointers/tips for a Windows or Linux SFTP server.
  • Install and configure the Splunk Universal Forwarder
    Note: It may make sense to have a coworker who administers the Splunk Cloud instance help you with this part.

    NOTE: If for some reason your Splunk folks are using a Splunk Heavy Forwarder instead of the smaller Universal Forwarder, that’s not a problem. Contact us with any questions.

3) IN CUCM

4) That’s it. Start driving around in your data

Data should now be coming in. If you have any problems at this point, check the apps “Health Checks” by going to “Setup > Run Health Checks”, and contact us.

This is also a good time to reach out to us to schedule a quick tour and some Q&A.

Further configuration steps you can take

  • Important – Configure your clusters. This should only take a few seconds and will ensure external numbers are parsed properly and provide location information.
  • Sites – Add IP address ranges to identify sites, see cross-site call volume, and to optionally enable mapping to work for your own infrastructure.
  • Groups – Track calls by ‘groups’ of people – ‘groups’ being whatever you’d like to define as a mapping of groups, subgroups, and names to extensions. Use it to report on your sales team, help desk or to build your own mini call center.




If you have any comments at all about the documentation, please send it in to docs@sideviewapps.com.