The documentation related to configuring CSD silent monitoring through Cisco UCCX using SPAN ports / port mirroring / network sniffing (vs. the traditional desktop / CAD method) is a little disjointed at this time.
I have had success implementing it where UCCX is running on a UCS C200 chassis, the agents are using 7925 phones and the network infrastructure are 3560 switches.
One element that needs to be addressed in this configuration, and that is not obvious in related UCCX documentation, is the need to set up promiscuous mode on the VMware switch. You can find details here, but basically find the virtual switch serving UCCX, click Edit | Security tab | Promiscuous Mode drop down menu | Accept. Without this, traffic sent to the C200 physical interface serving the virtual switch / UCCX server via port mirroring won't actually reach the server, as it is not addressed to the server. The virtual switch will drop it.
Another more obvious matter is setting the UCCX monitoring device to the server interface. In the current 8.5 release, having a seperate monitoring server or a seperate NIC for monitoring is no longer supported so your only choice is the single UCCX IP address. Go to your UCCX GUI | Cisco Desktop Administrator (upper right drop down) | Services Configuration | Multiline, Monitoring & Recording | VoIP Monitoring Device, and confirm that devices to be monitored by network SPAN methods have Desktop Monitoring disabled and Monitoring Service set to the IP address of your UCCX server. I have found that a Manual Synchronization of Directory Services may be in order at this point, and that restarting the Cisco Desktop VoIP Monitor Service through Cisco Unified CCX Serviceability might also force the issue a bit.
There are a million things to consider when setting up the network monitoring but a real simple example of one way to do it on a 3560 is:
! Monitor the voice gateway interface to "hear" all calls going off premise.
monitor session 2 source interface Fa0/1
! Monitor the CUCM server interface to "hear" all the setup and tear down information about the calls you are listening to traverse the gateway interface above
monitor session 2 source interface Gi0/1
! Send all the stuff you "hear" above to the interface that is dedicated to the UCCX server via the VMware switch you setup in promiscuous mode. NOTE: without the ingress variables, you may limit yourself to one way data transfer on that port, effectively disconnecting UCCX from the network (your configuration may vary).
monitor session 2 destination interface Gi0/2 ingress dot1q vlan 20
In my case, since I am only interested in monitoring 7925 calls going off premise, there is no need to deal with monitoring AP or WLC interfaces specifically. Your switch type and IOS version may also limit you to monitoring a limited number of interfaces / VLANs and a limited number of monitoring sessions as well, hence not monitoring the voice VLAN above. Don't assume this will work or applies everywhere. Do a little research on what is supported on your infrastructure and what is required by your solution before you dive too deeply.