Menu
▾
▴
astlinux-users
|
From: Michael K. <li...@mk...> - 2020-01-24 09:06:00
|
> Am 23.01.2020 um 23:17 schrieb Dan Ryson <da...@ry...>: > > Hi Michael, > > Thanks for the reply. > > I guess my question is really how best to routinely run a SIP PCAP on all incoming/outgoing calls, for later analysis if necessary. > > I have a provider that offers this and have found it useful for troublesooting isolated problems. I'm not worried about deleting SIP capture files. I'm just uncertain how to create them. > > Dan Hi Dan, I use this line in "rc.local" to start sngrep in the background in a screen session and store the .pcap files in "/mnt/kd/sngrep/" /usr/bin/screen -dmS sngrep /usr/bin/sngrep -c -O /mnt/kd/sngrep/$(date +"%Y-%m-%d_%H%M").pcap The "-c" is important so it only reports on calls, no options, notifies and so on. On high traffic systems that can eat up a lot of RAM over time, so I kill sngrep with a cronjob in the night and start it again also to get daily reports. killall sngrep && .... You can read the .pcap files then later with sngrep within AstLinux again and search for issues. > > -------- Original message -------- > From: Michael Knill <mic...@ip...> > Date: 1/23/20 2:56 PM (GMT-05:00) > To: AstLinux Users Mailing List <ast...@li...> > Subject: Re: [Astlinux-users] Regular Use of sngrep > > Well I'm obviously ignorant of the tools available in Astlinux and I really wish I knew about this one earlier after I tried it. > > > > Couldn't you just run it to do a PCAP capture only from a specific peer, specifying limits and rotating the calls after the limit is reached? > > You could then do analysis via Wireshark. > > > > My 2c worth. > > > > Regards > > Michael Knill > > > > From: Dan Ryson <da...@ry...> > Reply to: AstLinux List <ast...@li...> > Date: Friday, 24 January 2020 at 3:15 am > To: AstLinux List <ast...@li...> > Subject: [Astlinux-users] Regular Use of sngrep > > > > Greetings all! > > > > It occurs to me that I've only been using the powerful sngrep tool to troubleshooting repeatable problems, not prior intermittent problems that are much harder to reproduce and catch. > > > > Is there an AstLinux recommended best-practice for routinely running SIP packet capture to permit sngrep diagnosis of historic calls? > > > > Thanks in advance for your thoughts. > > > > Dan > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... Michael http://www.mksolutions.info |
|
From: Dan R. <da...@ry...> - 2020-01-24 12:04:21
|
On Fri, Jan 24, 2020 at 04:06 AM, Michael Keuter wrote: Am 23.01.2020 um 23:17 schrieb Dan Ryson : Hi Michael, Thanks for the reply. I guess my question is really how best to routinely run a SIP PCAP on all incoming/outgoing calls, for later analysis if necessary. I have a provider that offers this and have found it useful for troubleshooting isolated problems. I'm not worried about deleting SIP capture files. I'm just uncertain how to create them. Dan Hi Dan, I use this line in "rc.local" to start sngrep in the background in a screen session and store the .pcap files in "/mnt/kd/sngrep/" /usr/bin/screen -dmS sngrep /usr/bin/sngrep -c -O /mnt/kd/sngrep/$(date +"%Y-%m-%d_%H%M").pcap The "-c" is important so it only reports on calls, no options, notifies and so on. On high traffic systems that can eat up a lot of RAM over time, so I kill sngrep with a cronjob in the night and start it again also to get daily reports. killall sngrep && .... You can read the .pcap files then later with sngrep within AstLinux again and search for issues. Hi Michael, This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! Best wishes, Dan |
|
From: Lonnie A. <li...@lo...> - 2020-01-24 13:21:00
|
> On Jan 24, 2020, at 6:04 AM, Dan Ryson <da...@ry...> wrote: > > Hi Michael, > > This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. > > Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! Nothing NOOB here, this was a graduate-level question ... and answer. Lonnie |
|
From: Michael K. <li...@mk...> - 2020-01-24 13:57:40
|
> Am 24.01.2020 um 14:20 schrieb Lonnie Abelbeck <li...@lo...>: > > >> On Jan 24, 2020, at 6:04 AM, Dan Ryson <da...@ry...> wrote: >> >> Hi Michael, >> >> This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. >> >> Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! > > Nothing NOOB here, this was a graduate-level question ... and answer. > > Lonnie +1 Michael http://www.mksolutions.info |
|
From: Dan R. <da...@ry...> - 2020-01-24 14:41:37
|
On Fri, Jan 24, 2020 at 08:57 AM, Michael Keuter wrote: Am 24.01.2020 um 14:20 schrieb Lonnie Abelbeck : On Jan 24, 2020, at 6:04 AM, Dan Ryson wrote: Hi Michael, This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! Nothing NOOB here, this was a graduate-level question ... and answer. Lonnie +1 Michael http://www.mksolutions.info (http://www.mksolutions.info) You guys are too kind! Thanks, Dan |
|
From: Michael K. <mic...@ip...> - 2020-01-24 19:43:26
|
I didn't even know it existed so I'm more of a NOOB __
Great idea though Michael. I will certainly be doing this in the future.
I played with the -l and -R parameters as I wanted to just perform a rolling capture however I realised that its only for the screen and not in the capture ☹
Regards
Michael Knill
On 25/1/20, 12:58 am, "Michael Keuter" <li...@mk...> wrote:
> Am 24.01.2020 um 14:20 schrieb Lonnie Abelbeck <li...@lo...>:
>
>
>> On Jan 24, 2020, at 6:04 AM, Dan Ryson <da...@ry...> wrote:
>>
>> Hi Michael,
>>
>> This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings.
>>
>> Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone!
>
> Nothing NOOB here, this was a graduate-level question ... and answer.
>
> Lonnie
+1
Michael
http://www.mksolutions.info
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Dan R. <da...@ry...> - 2022-01-15 18:25:50
|
All, It's been a year since I began using sngrep along with the suggestions provided by members of the list. I'm way overdue for a promised update. In short, the following is crontabs/root entry has been working perfectly and sngrep has been a very useful tool when diagnosing problems. I highly recommend it! Thanks again for the suggestions. Dan ## stops sngrep at 3:22 AM to not eat too much RAM. ## Kills all pcap files more than 31 days old at 3:23 AM ## Then restarts at 3:24 AM (also started on boot in /mnt/kd/rc.local) 22 3 * * * killall sngrep 23 3 * * * find /mnt/kd/sngrep/*.pcap -mtime +30 -type f -delete 24 3 * * * /usr/bin/screen -dmS sngrep /usr/bin/sngrep -d eth0 -c -O /mnt/kd/sngrep/$(date +"%Y-%m-%d_%H%M").pcap > /dev/null 2>&1 On Fri, Jan 24, 2020 at 02:43 PM, Michael Knill wrote: I didn't even know it existed so I'm more of a NOOB __ Great idea though Michael. I will certainly be doing this in the future. I played with the -l and -R parameters as I wanted to just perform a rolling capture however I realised that its only for the screen and not in the capture ☹ Regards Michael Knill On 25/1/20, 12:58 am, "Michael Keuter" wrote: Am 24.01.2020 um 14:20 schrieb Lonnie Abelbeck : On Jan 24, 2020, at 6:04 AM, Dan Ryson wrote: Hi Michael, This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! Nothing NOOB here, this was a graduate-level question ... and answer. Lonnie +1 Michael http://www.mksolutions.info (http://www.mksolutions.info) _______________________________________________ Astlinux-users mailing list Ast...@li... (mailto:Ast...@li...) https://lists.sourceforge.net/lists/listinfo/astlinux-users (https://lists.sourceforge.net/lists/listinfo/astlinux-users) Donations to support AstLinux are graciously accepted via PayPal to pa...@kr... (mailto:pa...@kr...). _______________________________________________ Astlinux-users mailing list Ast...@li... (mailto:Ast...@li...) https://lists.sourceforge.net/lists/listinfo/astlinux-users (https://lists.sourceforge.net/lists/listinfo/astlinux-users) Donations to support AstLinux are graciously accepted via PayPal to pa...@kr... (mailto:pa...@kr...). |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X