Genesys Management 2.0

Hi – I’m back! Unfortunately, due to client confidentiality I’ve not been able to blog about Genesys work projects for a few years. Let’s change that ..

This post is about something I have been looking at for several years in the form of a shelved project which gets events from Genesys components via the PSDK and fires them into Esper for some complex event processing (CEP). But why get complex with PSDK code – why not just parse unstructured Genesys log files into structured data – let’s say in a JSON format?

Voxeo / Aspect went down this log processing route using Splunk but in the wider context using Splunk for Genesys log processing was not cost effective. However, the momentum of ELK (now the Elastic Stack) in the last 12 months has changed this significantly and I think it’s time for Genesys Management 2.0!

If you look at the current Genesys Management layer it’s not exactly fit for purpose. Yes, you can alarm and send SNMP traps but that just gets you into the Sh*t in Sh*t out (SISO) problem whereby too many alarms are sent meaning they just get ignored because “that is normal”. Worse still operational incidents occur for which there are no alarms – like SIP INVITEs not being received over a SIP trunk even though it is not OOS.

On top of Management 0.1 which has not changed for years, Genesys have added the Log File Management Tool (LFMT) and the Log Masking Tool which is just a couple of Java lines of code around Regex! Neither are aimed at operational excellence – just making life easier for Genesys Support.

Hence the reason for the post – using an ELK stack for Genesys Management 2.0. Surely a few Logstash Grok filters to parse out the following conf server log lines into events with metadata like the log message Id would without stealing the “Spotlight” would be quite valuable:

16:29:54.229 Std 24200 Object: [CfgFolder], name [Demands], DBID: [268] is created by client, type [SCE], name: [default], user: [default]
16:30:33.262 Std 24202 Object: [CfgFolder], name [Demands], DBID: [268] is deleted by client, type [SCE], name: [default], user: [default]
16:31:20.017 Std 24201 Object: [CfgRouteDN], name [RES Prepayment – Gas], DBID: [283] is changed by client, type [SCE], name: [default], user: [default]

grok {
match => { “message” => “%{TIME:timestamp} %{WORD:loglevel} %{WORD:logMsgId} %{GREEDYDATA:message}” }
break_on_match => false

Time to get Grok-ing.