|
|
In This Section: |
Logs show detailed, protocol-specific information for VoIP traffic. There are predefined VoIP log queries that supply enhanced troubleshooting capabilities.
To enable VoIP logging of VoIP calls:
To enable VoIP logging of Inspection Settings, create an Inspection Settings rule.
Note - If VoIP logging is disabled, only standard logging takes place. The fields it shows are the source, destination and protocol information.
Logs are available for SIP, H.323, MGCP and SCCP protocols.
To view predefined queries:
In the Predefined list, the queries show.
You can also add queries to your Favorite Queries list:
To add queries to your Favorites list:
That query shows in the window.
Predefined Query |
Type |
When Sent |
Shows |
|---|---|---|---|
Registration Session |
Accept logs |
After successful registration. |
Registration IP address, phone number, port, and transport protocol (TCP/UDP). Registration period (seconds). IP address of the registrar server. |
Other Session |
Accept logs |
After response to SIP requests. Such as:
|
Source IP address, port, and phone number. Destination IP address, port and phone number. SIP method or MGCP command type. |
Security Events |
Drop or Detect logs |
Inspection Settings VoIP protection has detected a violation. |
Source IP address, port and phone number. Destination IP address, port and phone number. Reason for log (Attack and Attack Information fields). |
Call Session |
Accept logs |
After a call is established, and updated after the call is closed. |
Source IP address, port and phone number. Destination IP address, port and phone number. State of call (open/closed), duration (seconds), direction (Inbound/Outbound), media. |
Policy Events |
Drop or Detect logs |
VoIP policy has detected a violation. |
Source IP address, port and phone number. Destination IP address, port and phone number. Reason for log (VoIP Reject Reason and VoIP Reject Reason Information fields). Short configuration guidelines. |
