This document contains the steps required to

  • Enable the AXL Web Service in CallManager
  • Create a group in CUCM “AXL Service Users” to provide the permissions the AXL user will require
  • Create an AXL user and assign it to the above group
  • Retrieve the wsdl and xsd files needed
  • Install the SA_cisco_cdr_axl app into Splunk (if you haven’t already)
  • Configure the app with the credentials it will need
  • Test that the configuration is valid.

Enable the AXL Web Service

Perform these steps in Call Manager.

These steps enable the AXL web service to work. Regardless of user account permission settings, if the base service for AXL isn’t enabled the AXL lookups can never work. You *may* find this is already enabled on your system. If so, just move on to the next section. 🙂

Experts: Check that the Cisco AXL Web Service is started and running.

If you need more specific directions –

  1. Log into the Cisco Unified Serviceability application using an administrator account.
  2. Browse to Tools, then to Control Center – Feature Services.
  3. Select your CUCM server from the drop down asking which server to configure, then click Go.
  4. Browse that list, find the Cisco AXL Web Service and depending on your version either …
    • (for older CUCM versions) make sure there is a check mark beside it to enable it then click Save.
    • (for newer CUCM versions) confirm its Status says Started. If it is not, click it and click Start at the bottom.

Create group “AXL Service Users”

Perform these steps in Call Manager.

This creates a group that we call “AXL Service User”, which has the rights/permissions inside CUCM for allowing anyone that’s a member of this group access to the AXL information. This is needed so that the user we create in the next step can be added to this role, and thus can access AXL.

Experts: Create a User level Access Control Group, then assign to that group the role Standard AXL API Access. (Our instructions create a new group for assigning the role, but do it in whatever way works for your environment).

Or, follow along below:

  1. Log into the Cisco Unified CM Administration application using an administrator account. NOTE you can access it from the “Navigation” menu in the upper right if you came to this section straight from the Enable the AXL web service section above.
  2. Click User Management > User Settings > Access Control Group.
  3. Click the Add New button.
  4. Type in AXL Service Users for the name and click Save.
  5. In the upper right, to the right of Related Links: (Which should say “Back to Find/List”) click Go.
  6. (You might find that you have to “Find” the AXL user we just created)
  7. To the right of the newly created Access Control Group AXL Service Users, click the “i” button under Roles.
  8. Click the button Assign Role to Group.
  9. In the “Find and List Roles” window, click Find to have it display all available Roles
  10. Click the checkbox beside Standard AXL API Access.
  11. At either the very top of the page or the very bottom, click Add Selected.
  12. Click Save. (Note this page refreshes with “Update successful” but otherwise gives no indications you are done.)

Create an AXL-enabled user

Perform these steps in Call Manager.

This creates a new user and adds the permissions (via the group created above) required for it to query the AXL information.

Experts: Create a user and add it to the above created access control group so that it can query AXL.

  1. Log into the Cisco Unified CM Administration application using an administrator account.
    • NOTE you can access it from the “Navigation” menu in the upper right if you came to this section straight from the Enable the AXL web service section above.
  2. Click User Management > Application User.
  3. Click the Add New button.
  4. Supply a user name and an appropriate password. Remember these, we’ll need them later.
  5. For that user, down near the bottom find Add to Access Control Group
  6. In the new “Find and List Access Control Groups” window, click the checkbox beside AXL Service Users
  7. At the bottom of the page, click Add Selected.
  8. When returned to the Application User Configuration page, click Save.
  9. Again, this is a screen where the confirmation is subtle – “Add successful” but no other change.
  10. Check the roles and groups applied by going to User Management, Application User, finding the user you created in step 3 above and confirming it lists the Permissions information at the bottom.
  11. Click Save.

Retrieve the needed files from UCM

Perform these first few of these steps in Call Manager, saving files onto your desktop or somewhere local.

Cisco’s licensing does not allow redistribution of the portions of the Cisco Call Manager AXL SQL Toolkit Plugin, so we can’t provide it with the CDR app. Instead, see the below instructions to retrieve the toolkit and extract and deploy the required files.

  1. Log into the Cisco Unified CM Administration application using an administrator account. NOTE you may already be in this application if you were following the steps above.
  2. Go to Application > Plugins
  3. Click the Find button once (with default parameters) to populate the list.
  4. Click on the Download link by the
    • Cisco CallManager AXL SQL Toolkit Plugin (older versions) or the
    • Cisco AXL Toolkit (newer versions).
    • (In both cases, it’s often the first one listed!)
  5. Save the file onto your local system in a convenient place.
  6. After saving the axlsqltoolkit.zip file to your local system, open it with your favorite zip file utility.
  7. Drill down into axlsqltoolkit/schema/<UCM version>/
    (For instance axlsqltoolkit/schema/11.5/ )
  8. Extract the three files you find there – AXLAPI.wsdl, AXLEnums.xsd and AXLSoap.xsd – into a temporary folder.  Obviously, remember where you put them.

Install the SA_cisco_cdr_axl app into Splunk (if you haven’t already)

Perform these steps in Splunk.

  1. Log into Splunk
  2. Get to the “Manage Apps” page – either using the Apps menu at the top left of most pages in Splunk, or by going back to the “Launcher” app and clicking manage apps at the bottom left.
  3. Click the green button to “Browse more apps” in the upper right.
  4. Search for Cisco AXL and you’ll see our app.
    1. You should be able to just click “Install” and it will prompt you to restart Splunk after. If you see the app from that page but you don’t seem to be able to Install it, please contact us.
  5. ALTERNATIVE: If your Splunk admins have locked down your instance such that it can’t talk to Splunkbase, then you can download the tar.gz direct from Splunkbase and save it locally. Then in that same “Manage Apps” page from above you’ll see an “Install App From File” button. Click that and follow the prompts.

Configure the SA_cisco_cdr_axl app

Perform this step on the Splunk *server*

“Install” AXL SQL Toolkit files

  1. Copy the three files AXLAPI.wsdl, AXLEnums.xsd and AXLSoap.xsd from the temporary directory where you extracted them before, to your $SPLUNKHOME/etc/apps/SA_cisco_cdr_axl/bin/ folder on the Search Heads.
    • They can be deployed via most other “generally accepted” Splunk deployment methods as well – deployment server, deployer, puppet, etc…
  2. Restart Splunk!

Configure the AXL credentials.

This step is performed in Splunk (the app/webpage).

  1. Open Splunk and log in as an administrator.
  2. Open the Supporting AXL Addon for Cisco CDR Reporting and Analytics app (SA_cisco_cdr_axl).
  3. Click “Update Credentials” at the top.
  4. Enter the publisher host, the port (generally 8443) and the username and password for the AXL user you created previously.
  5. Click Create to create the credentials.

A note here – if you have multiple AXL entries here, this is fine but please contact us for a tweak to some lookups to make sure they work correctly when faced with potential name collisions across clusters.  In that email, use the subject line “My hovercraft is full of eels” so we’ll know what you need.


Then try the following to confirm everything is set up correctly:

  1. Open the Supporting AXL Addon for Cisco CDR Reporting and Analytics app.
  2. Click on our Search navigation item near the top.
  3. Paste in the following search and press enter:
    | ciscoaxl listPhone name="SEP%" columns="name,description"

If all is set up correctly, in a few moments (maybe minutes!) you should be presented with a list of all hardphones.

NOTE if your CUCM deployment is enormous you might want to filter that test down to a smaller subset of phones by changing “SEP%” to something more targeted. For instance “SEP0123%” will only match hardphones phones that have MAC addresses starting with “0123”.

Populating Devices

If you look in Splunk’s Settings > Searches, Reports and Alerts

  • change to “All” apps
  • change “owner” to “nobody”
  • ‘filter’ for “get_devices_example”

You’ll see we ship a disabled saved search called “get_devices_example”.  Here’s how to convert it to a usable search that you can schedule:

  1. For that search, click Edit and then Clone it to a new search, named “get_devices_via_axl” or similar.
  2. View that cloned report, enable it from the button on that screen (it clones disabled, like the original) and confirm the data looks good for your environment.
  3. Edit the search and add to the end
    | outputlookup devices
  4. Run that search once to populate the devices lookup for the first time.
  5. Check that your Browse > Devices pages in the app now have fields like productName!  Once you’ve confirmed, continue with step 6.
  6. Save the altered search.
  7. Then Schedule that saved search to run perhaps once each night to update itself.

And remember, we’re very happy to hop on a webex and walk through the final implementation process with you, so feel free to drop us a line at support@sideviewapps.com!


If you have any comments at all about the documentation, please send it in to docs@sideviewapps.com.