Getting Data In

Huawei CDR

lohans
Explorer

Is anyone indexing Huawei CDR's with Splunk?

The Huawei CDR's is in a encrypted / encoded format, is there a way to get these records into cleartext for indexing into Splunk?

Tags (1)
0 Karma

mgrnahid
New Member

Hi,
Can you please explain me, how to decode CDR file? I am waiting for your reaply

0 Karma

lohans
Explorer

Hi,

Yes we have managed to develop a custom decoder, although at this moment we don't decode all fields.
We just decode some of the fields we required.

Is your CDR files for a fixed or mobile networks?

0 Karma

lohans
Explorer

Hi,

Yes we have managed to develop a custom decoder, although at this moment we don't decode all fields.
We just decode some of the fields we required.

Is your CDR files for a fixed or mobile networks?

0 Karma

ryainad
Explorer

Hello, I have CDR file of huawei CSOFTX3000, and sample with first 50 decoded CDRs.
I need to decode it and convert to plain text. Have you managed it?

0 Karma

mgrnahid
New Member

Hello, I have CDR file of huawei CSOFTX3000, and sample with first 50 decoded CDRs.
I need to decode it and convert to plain text. Have you managed it?

0 Karma

mgrnahid
New Member

Hi,
Can you please explain me, how to decode CDR file? I am waiting for your reaply

0 Karma

lohans
Explorer

Hi,

Yes we have managed to develop a custom decoder, although at this moment we don't decode all fields.
We just decode some of the fields we required.

Is your CDR files for a fixed or mobile networks?

0 Karma

joonradley
Path Finder

Splunk basically needs readable text.

Decrypting and decoding data will have to happen with a scripted input or and external application that converts your data to text.

Decryption will be a challenge without vendor provided tool. (I doubt that this will be encrypted, most probably encoded)

Contact the hardware vendor to obtain documentation on the format of the encoded data and start from there.

0 Karma

joonradley
Path Finder

Yes, that the way we approach binary data formats.

0 Karma

lohans
Explorer

I know that! Hence why i asked the question if someone is already doing it and if so how.

You can get the CDRs from a mediation product that would have already normalized the data into plain text. (CSV, XLS etc)

Just thought someone might have solved this puzzle already without using a mediation product.

But by the look of things the only way forward is to use output from the mediation product with the data already normalized?

0 Karma
Get Updates on the Splunk Community!

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...