FAQ: Difference between revisions

From VoIPmonitor.org
Jump to navigation Jump to search
 
(33 intermediate revisions by 3 users not shown)
Line 17: Line 17:


See this: [http://www.voipmonitor.org/downloads/graph_cheat_sheet.pdf Graph cheat sheet]
See this: [http://www.voipmonitor.org/downloads/graph_cheat_sheet.pdf Graph cheat sheet]
== Regexps examples usable in CDR view ==
!R(^[+]?[0-9]+$) - to get all weird CDRs (where callerNum have letters or special chars in its number)
== There is a delay between active calls view and the CDR view ==
Please, read following content: [[SQL queue is growing in a peaktime]]
Please, read following content: [[Minimizing Delay Between Call End and CDR Database Storage]]


= Supported architectures =
= Supported architectures =
Line 23: Line 32:


x86 32 and 64, ARMv5 - (if you have error with missing "__sync_fetch_and_sub_8" you have to upgrade GCC compiler to version 4.8)
x86 32 and 64, ARMv5 - (if you have error with missing "__sync_fetch_and_sub_8" you have to upgrade GCC compiler to version 4.8)
= Is AWS supported =
Yes AWS is supported. For working license check you usually need to change /dev/root attrs to be readable by all (web-server)
run: chmod 644 /dev/root
= Are dockers/containers supported =
Yes, the GUI can run in containered env. You should ensure that
/proc/self/cgroup.txt will not change the content with every container restart otherwise you will be asked for license key update every reboot.
= Are hosted/cloud db supported =
voipmonitor requires mysql type of db (mysql/mariab/percona) no matter where the database is located.
by default the mysql user should have SUPER and ALL privileges granted
== Azure ==
Because there is not possible to set SUPER privilege, you need to set at least following options when configuring db
=== configure Options ===
innodb_file_per_table = ON
log_bin_trust_function_creators = ON
1100 IOPS are required for 5000 concurrent calls


= Configuration =  
= Configuration =  
Line 31: Line 60:


Go to settings -> System configuration -> Advanced section -> Hide timezone information -> Enable and set to TRUE
Go to settings -> System configuration -> Advanced section -> Hide timezone information -> Enable and set to TRUE
== Problems with packet mirroring on esxi 6.5 ==
===Behavior===
When a port group is set to VLAN 4095, this activates VGT mode. In this mode, the vSwitch passes all network frames to the guest VM without modifying the VLAN tags, leaving it up to the guest to deal with them. VLAN 4095 should be used only if the guest has been specifically configured to manage VLAN tags itself. If VGT is enabled inappropriately, it might cause denial-of-service or allow a guest VM to interact with traffic on an unauthorized VLAN.
===Solution===
From the vSphere Web Client:
select the ESXi Host and go to Configure >> Networking >> Virtual switches. Highlight a port group (where VLAN ID set to 4095) and click Edit settings. Change the VLAN ID to not be 4095 and click OK.
or From a PowerCLI command prompt while connected to the ESXi host run the following command:
Get-VirtualPortGroup -Name 'portgroup name' | Set-VirtualPortGroup -VLanId 'New VLAN#'
== Audiocodes tunneling ==
Follow the link to get details on how to enable processing of the [[audiocodes tunneling]] by voipmonitor
== Use of the sniffer's api ==
The new sniffer version since 32.0 has the encryption on api enabled
[[ Encryption_in_manager_api_customer ]] is the doc describing how to use the api with or without encryption


= Licensing =
= Licensing =
Line 45: Line 93:
== accident / unwanted spikes ==
== accident / unwanted spikes ==


If your license is blocked due to high spike (accident / hack whatever) you need to delete those CDR from database via the GUI (filter those calls and in toolbar use delete buttons) and then try to unblock the license or run "php /var/www/html/php/run.php saveCallStatistics". If you do not want to delete them and you will have higher channels than your license for two consecutive days your license will be blocked after 14 days - you need to upgrade to higher channels license which you can do on voipmonitor.org portal.
If your license is blocked due to high spike (accident / hack whatever) you need to delete those CDR from database via the GUI (filter those calls and in toolbar use delete buttons) and then try to unblock the license or run "php /var/www/html/php/run.php saveCallStatistics". If you do not want to delete them and you will have higher channels than your license for three consecutive days your license will be blocked after 14 days - you need to upgrade to higher channels license which you can do on voipmonitor.org portal.


= DTMF =
= DTMF =
Line 58: Line 106:




= Bulk download of pcaps or audio (wav/ogg)=
= Audio files =
== Bulk download of pcaps or audio (wav/ogg)==
Read this: [[download of pcap files / audio files using GUI's api]]
Read this: [[download of pcap files / audio files using GUI's api]]


= Batch download of an audio from CDRs for more then 1000 CDRs=
== Batch download of an audio from CDRs for more then 1000 CDRs==
Read this: [[Batch download of audio for 1000+ CDRs]]
Read this: [[Batch download of audio for 1000+ CDRs]]
== Batch conversion from wav to ogg in a spooldir==
If you set saveaudio=wav, the audio files getting created in a spooldir, you can set saveaudio=ogg to save space but for the calls/audio already stored in a spooldir, you need to convert to .ogg and remove .wav file.
Run following commands in a spooldir
The first is for coversion wav to ogg, and second is for remove of all wav files from current location and the third is to set web-server's user ownership to allow GUI read the new ogg files.
cd /var/spool/voipmonitor
find ./ -name '*.wav' -exec bash -c 'ffmpeg -i $0 -vn -acodec libvorbis ${0/wav/ogg}' {} \;
find ./ -name '*.wav' -exec rm -f {} \;
chown www-data ./ -R
== Get the audio file from SIP&RTP pcap extracted from spooldir==
Read this: [[create audio from packet dumps located in a spooldir]]


= GeoIP location services =
= GeoIP location services =
Line 70: Line 134:
= Self signed certificate =
= Self signed certificate =
Read this: [[Enable SSL/TLS + self signed certificate for http server]]
Read this: [[Enable SSL/TLS + self signed certificate for http server]]
= Lost admin's GUI pasword =
Read this: [[User_Management]]


= Corrupted GUI installation, how to reinstall the GUI=
= Corrupted GUI installation, how to reinstall the GUI=
Read this: [[Re-install_the_GUI]]
Read this: [[Re-install_the_GUI]]
= Upgrade of the OS and php version changed - how to make the GUI works again with recent php=
Read this: [[GUI_Installation#Re-installing_the_GUI]]


= Bad sniffer version, how to reinstall the sniffer to latest version =
= Bad sniffer version, how to reinstall the sniffer to latest version =
Line 125: Line 194:
You can disable possibility of GUI to do live spying on calls that uses g711 codec, in the sniffers config set option liveaudio=no
You can disable possibility of GUI to do live spying on calls that uses g711 codec, in the sniffers config set option liveaudio=no


==How to enable milliseconds precision==
=How to enable milliseconds precision=


[[How_to_enable_milliseconds_precision]]
[[How_to_enable_milliseconds_precision]]
=How to enalbe ipv6 processing=
By default is voipmonitor processing ipv4 traffic.
==New Database or old CDRs can be removed==
Set in /etc/voipmonitor.conf
ipv6=yes
(Drop database voipmonitor, create new and then restart the sniffer service)
==Database already contains CDRs ipv4==
Because the data by default gets stored into int column using inet_aton, but ipv6 it storing it into different type of a same column with inet6_aton functions - then it is necessary to use additional steps:
===Easy way===
let know to the GUI that there are IP adresses stored in various formats with:
IPV6_SAFE_CONDITION_FOR_IPV4 set to true in GUI's configuration.php (GUI->Settings->system configuration->Advanced: Combines IPv4 queries with using....
then run the column's ALTERS described in GUIs installation dir in file
/var/www/html/scripts/ipv6_alter.sql
then set ipv6=yes in /etc/voipmonitor.conf and restart sniffer service
Beware that the GUI's IPV6 option will decrease the performance of a GUI - you should have it there enabled only until the CDRs prior to date of ipv6 change in columns are present.
===Better Way===
first modify the columns type using all the alters documented in GUIs installation file /var/www/html/scripts/ipv6_alter.sql
and then UPDATE all the related CDR tables(data) -  (move content ipv4 to ipv6 datasize)
Example for cdr table only:
UPDATE cdr
set
a_saddr = inet6_aton(inet_ntoa(a_saddr)),
b_saddr = inet6_aton(inet_ntoa(b_saddr)),
sipcallerip = inet6_aton(inet_ntoa(sipcallerip)),
sipcalledip = inet6_aton(inet_ntoa(sipcalledip));
Because there needs to be run multiple updates/alters we are developing new migration mode that will be able to migrate the ipv4 to ipv6 columns with data modifications.
Please contact the support@voipmonitor.org if you need help in enabling ipv6 with current CDRs in ipv4.
= Register packets =
By default is collecting of register packets disabled. You can enable it with option '''sip-register=yes''' in /etc/voipmonitor.conf and service restart.
More reading in [[https://www.voipmonitor.org/doc/Register in register doc]]
== Where are Register records stored? ==
=== Active register ===
Unlike tables for states and failed registrations, there is no table in database for active registrations - you need to ask api of the voipmonitor sniffer service for list of registers
Here is [[https://www.voipmonitor.org/doc/Register_active example script]] that lists all active registrations if sipcallerip is matching the only argument
=== Failed register ===
there is in '''voipmonitor''' database the table '''register_failed''' where are all failed register stored (in case there is multipletimes same failures in short interval the column '''counter''' representing how many failed register requests there was in interval 120s instead of creating record for each.
=== Register State ===
there is in '''voipmonitor''' database the table '''register_state''' where are all expired/unregistered records stored.
= Sourceforge is unavailable =
Q: how can I get latest sniffer release if sourceforge not works?
A: instead of download link
https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
use the link that links directly to our site:
https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz


= Geek's/Developer's corner =
= Geek's/Developer's corner =

Latest revision as of 16:32, 9 September 2024

Scalability

How does voipmonitor scale?

Read this: Scaling


How to clean old data and database?

Read this: Data Cleaning

CDR

What is the red small icon in CDR?

The red icon in those columns signalize which side sends BYE first.

How to interpret two charts in the cdr detail?

See this: Graph cheat sheet

Regexps examples usable in CDR view

!R(^[+]?[0-9]+$) - to get all weird CDRs (where callerNum have letters or special chars in its number)

There is a delay between active calls view and the CDR view

Please, read following content: SQL queue is growing in a peaktime

Please, read following content: Minimizing Delay Between Call End and CDR Database Storage

Supported architectures

What architectures are tested?

x86 32 and 64, ARMv5 - (if you have error with missing "__sync_fetch_and_sub_8" you have to upgrade GCC compiler to version 4.8)

Is AWS supported

Yes AWS is supported. For working license check you usually need to change /dev/root attrs to be readable by all (web-server) run: chmod 644 /dev/root

Are dockers/containers supported

Yes, the GUI can run in containered env. You should ensure that /proc/self/cgroup.txt will not change the content with every container restart otherwise you will be asked for license key update every reboot.

Are hosted/cloud db supported

voipmonitor requires mysql type of db (mysql/mariab/percona) no matter where the database is located. by default the mysql user should have SUPER and ALL privileges granted

Azure

Because there is not possible to set SUPER privilege, you need to set at least following options when configuring db

configure Options

innodb_file_per_table = ON
log_bin_trust_function_creators = ON
1100 IOPS are required for 5000 concurrent calls

Configuration

Why I do not see sip packets other then port 5060?

Voipmonitor sniffer by default sniffs packets only on port 5060 from or to. If you need to sniff more SIP ports you need to specify it in configuration. Please see this: Sniffer_configuration#sipport

How to disable timezone check

Go to settings -> System configuration -> Advanced section -> Hide timezone information -> Enable and set to TRUE

Problems with packet mirroring on esxi 6.5

Behavior

When a port group is set to VLAN 4095, this activates VGT mode. In this mode, the vSwitch passes all network frames to the guest VM without modifying the VLAN tags, leaving it up to the guest to deal with them. VLAN 4095 should be used only if the guest has been specifically configured to manage VLAN tags itself. If VGT is enabled inappropriately, it might cause denial-of-service or allow a guest VM to interact with traffic on an unauthorized VLAN.

Solution

From the vSphere Web Client:

select the ESXi Host and go to Configure >> Networking >> Virtual switches. Highlight a port group (where VLAN ID set to 4095) and click Edit settings. Change the VLAN ID to not be 4095 and click OK.


or From a PowerCLI command prompt while connected to the ESXi host run the following command:

Get-VirtualPortGroup -Name 'portgroup name' | Set-VirtualPortGroup -VLanId 'New VLAN#'

Audiocodes tunneling

Follow the link to get details on how to enable processing of the audiocodes tunneling by voipmonitor

Use of the sniffer's api

The new sniffer version since 32.0 has the encryption on api enabled Encryption_in_manager_api_customer is the doc describing how to use the api with or without encryption

Licensing

How to know how many license channels do we need?

You can have unlimited number of phones / endpoints but you need to buy channels according to your maximum number of calls at the same time during peak.

Go to GUI -> Tools -> concurrent calls which will show peaks past 14 days. All multiple legs are already aggregated into single channel so you do not need to buy extra channels in case you have two or more CDR per one real call. The intention is to scale pricing based on real concurrent calls not accounting multiple legs of the same calls.

How does having multiple sensors affect the licensing? If I add a 2-3 remote sensors to the system, would they use the same license pool?

Central GUI calculates connected channels for the whole database but groups all calls legs as a single call so multiple legs are not counted twice etc.

accident / unwanted spikes

If your license is blocked due to high spike (accident / hack whatever) you need to delete those CDR from database via the GUI (filter those calls and in toolbar use delete buttons) and then try to unblock the license or run "php /var/www/html/php/run.php saveCallStatistics". If you do not want to delete them and you will have higher channels than your license for three consecutive days your license will be blocked after 14 days - you need to upgrade to higher channels license which you can do on voipmonitor.org portal.

DTMF

You can enable DTMF RFC2833 or DTMF SIP INFO in voipmonitor.conf by enabling:

dtmf2db = yes

You can also enable DTMF inband detection (only for G.711) by enabling (it will take some CPU)

inbanddtmf = yes


Audio files

Bulk download of pcaps or audio (wav/ogg)

Read this: download of pcap files / audio files using GUI's api

Batch download of an audio from CDRs for more then 1000 CDRs

Read this: Batch download of audio for 1000+ CDRs

Batch conversion from wav to ogg in a spooldir

If you set saveaudio=wav, the audio files getting created in a spooldir, you can set saveaudio=ogg to save space but for the calls/audio already stored in a spooldir, you need to convert to .ogg and remove .wav file.

Run following commands in a spooldir

The first is for coversion wav to ogg, and second is for remove of all wav files from current location and the third is to set web-server's user ownership to allow GUI read the new ogg files.

cd /var/spool/voipmonitor
find ./ -name '*.wav' -exec bash -c 'ffmpeg -i $0 -vn -acodec libvorbis ${0/wav/ogg}' {} \;
find ./ -name '*.wav' -exec rm -f {} \;
chown www-data ./ -R

Get the audio file from SIP&RTP pcap extracted from spooldir

Read this: create audio from packet dumps located in a spooldir

GeoIP location services

Read this: order of GeoIP processing


Self signed certificate

Read this: Enable SSL/TLS + self signed certificate for http server

Lost admin's GUI pasword

Read this: User_Management

Corrupted GUI installation, how to reinstall the GUI

Read this: Re-install_the_GUI

Upgrade of the OS and php version changed - how to make the GUI works again with recent php

Read this: GUI_Installation#Re-installing_the_GUI

Bad sniffer version, how to reinstall the sniffer to latest version

Read this: Latest_sniffer

What does Audit log cover

It covers these actions of users in the GUI:

  • download wav
  • download pcap
  • play wav
  • show fax
  • batch download
  • filter CDR in form
  • login
  • logout

Precision for CDRs datetime

by default voipmonitor stores CDRs in seconds precision. If you need to have in CDR view calldate in milliseconds precission folow next how to how to enable milliseconds precision

PCI compliance

Voipmonitor is PCI compliance ready.

To control what to store to disk / database check [capture rules]

Turn off audio recording and DTMF via RFC2833 globally

To prevent recording audio and DTMFviaRTP see [savertp=header]

To prevent recording RTP at all [savertp=no]

To prevent recording just DTMF packets (SIP info/rfc2833) into DB and into spooldir (pcaps)

dtmf2db = no
dtmf2pcap = no

Turn off audio recording selectively

With savertp=yes in /etc/voipmonitor.conf you can disable audio recording only for some IPs / tel.numbers / SIP domains or any SIP header values [SAVE RTP=OFF|HEADER]

Turn on audio recording selectively

With savertp=no|header in /etc/voipmonitor.conf you can enable audio recording only for some IPs / tel.numbers / SIP domains or any SIP header values [SAVERTP=ON] using capture rules.

Turn off DTMF storing to db selectively

With dtmf2db=yes in /etc/voipmonitor.conf you will force sniffer to store DTMF it detects (RF2833/SIP INFO) into db. If you want to not store the DTMF detected in call into CDR for some IPs / tel.numbers / SIP domains or any SIP header values, create capture rule and set there record DTMF=OFF or record DTMF=only pcap - in case you want DTMF packets to be stored into pcap but not to db.

Turn off DTMF storing to pcap selectively

With savertp=yes and savesip=yes in /etc/voipmonitor.conf you will force sniffer to store DTMF(RF2833/SIP INFO) it detects into pcap. If you want to not store DTMF detected into pcap for some IPs / tel.numbers / SIP domains but you still need to collect SIP and RTP for these calls, create capture rule and set there record DTMF=OFF or record DTMF=only db.

Turn off DTMF storing to pcap and DB selectively

If you want to not store the DTMF detected in call's pcap for some IPs / tel.numbers / SIP domains or any SIP header values, create capture rule and set there record DTMF=OFF. (DTMF via SIP info and DTMF RFC2833) will not be stored to packets records, and to db.


Disable spying on live calls

You can disable possibility of GUI to do live spying on calls that uses g711 codec, in the sniffers config set option liveaudio=no

How to enable milliseconds precision

How_to_enable_milliseconds_precision

How to enalbe ipv6 processing

By default is voipmonitor processing ipv4 traffic.

New Database or old CDRs can be removed

Set in /etc/voipmonitor.conf

ipv6=yes

(Drop database voipmonitor, create new and then restart the sniffer service)

Database already contains CDRs ipv4

Because the data by default gets stored into int column using inet_aton, but ipv6 it storing it into different type of a same column with inet6_aton functions - then it is necessary to use additional steps:

Easy way

let know to the GUI that there are IP adresses stored in various formats with: IPV6_SAFE_CONDITION_FOR_IPV4 set to true in GUI's configuration.php (GUI->Settings->system configuration->Advanced: Combines IPv4 queries with using....

then run the column's ALTERS described in GUIs installation dir in file

/var/www/html/scripts/ipv6_alter.sql

then set ipv6=yes in /etc/voipmonitor.conf and restart sniffer service

Beware that the GUI's IPV6 option will decrease the performance of a GUI - you should have it there enabled only until the CDRs prior to date of ipv6 change in columns are present.

Better Way

first modify the columns type using all the alters documented in GUIs installation file /var/www/html/scripts/ipv6_alter.sql and then UPDATE all the related CDR tables(data) - (move content ipv4 to ipv6 datasize) Example for cdr table only:

UPDATE cdr
set 
a_saddr = inet6_aton(inet_ntoa(a_saddr)),
b_saddr = inet6_aton(inet_ntoa(b_saddr)),
sipcallerip = inet6_aton(inet_ntoa(sipcallerip)),
sipcalledip = inet6_aton(inet_ntoa(sipcalledip));

Because there needs to be run multiple updates/alters we are developing new migration mode that will be able to migrate the ipv4 to ipv6 columns with data modifications. Please contact the support@voipmonitor.org if you need help in enabling ipv6 with current CDRs in ipv4.

Register packets

By default is collecting of register packets disabled. You can enable it with option sip-register=yes in /etc/voipmonitor.conf and service restart. More reading in [in register doc]

Where are Register records stored?

Active register

Unlike tables for states and failed registrations, there is no table in database for active registrations - you need to ask api of the voipmonitor sniffer service for list of registers

Here is [example script] that lists all active registrations if sipcallerip is matching the only argument

Failed register

there is in voipmonitor database the table register_failed where are all failed register stored (in case there is multipletimes same failures in short interval the column counter representing how many failed register requests there was in interval 120s instead of creating record for each.

Register State

there is in voipmonitor database the table register_state where are all expired/unregistered records stored.

Sourceforge is unavailable

Q: how can I get latest sniffer release if sourceforge not works?

A: instead of download link

https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz

use the link that links directly to our site:

https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz

Geek's/Developer's corner

Read this: Internal_support_hints




















































.