Print Download PDF Send Feedback

Previous

Next

VoIP Logs and Queries in SmartConsole

Logs in SmartConsole

Logs show detailed, protocol-specific information for VoIP traffic. There are pre-configured VoIP log queries that supply enhanced troubleshooting capabilities.

To enable VoIP logging of VoIP calls:

  1. From SmartConsole, in the Security Policies tab, select your rule.
  2. From the Track column, select Log.

Note - If VoIP logging is disabled, only standard logging takes place. Standard logging includes the Source, Destination, and protocol information.

Logs are available for all protocols.

Queries from SmartConsole

To view preconfigured queries:

To add queries to your Favorites list:

  1. In the Logs & Monitor tab, select Queries.
  2. Select the query that you want to add to your favorites list.

    That query shows in the window.

  3. Select Queries > Add to Favorites.
  4. Configure the fields in the Add to Favorites window that opens.
  5. Select Add.

    Important - There are no logs available for RTP call sessions in SmartConsole, but you can find additional information from the gateway.

    Predefined Query

    Type

    When Sent

    Shows

    Registration Session

    Accept logs

    After successful registration.

    Registration IP address, phone number, port, and transport protocol (TCP/UDP). Registration period (seconds). IP address of the registrar server.

    Other Session

    Accept logs

    After response to SIP requests.

    Such as:

    • Message or Update
    • Response to MGCP commands

    Source IP address, port, and phone number. Destination IP address, port and phone number. SIP method or MGCP command type.

    Security Events

    Drop or Detect logs

    Inspection Settings VoIP protection has detected a violation.

    Source IP address, port and phone number. Destination IP address, port and phone number. Reason for log (Attack and Attack Information fields).

    Call Session

    Accept logs

    After a call is established, and updated after the call is closed.

    Source IP address, port and phone number. Destination IP address, port and phone number. State of call (open/closed), duration (seconds), direction (Inbound/Outbound), media.
    (If there are multiple media streams, shows data of the first one only.)

    Policy Events

    Drop or Detect logs

    VoIP policy has detected a violation.

    Source IP address, port and phone number. Destination IP address, port and phone number. Reason for log (VoIP Reject Reason and VoIP Reject Reason Information fields). Short configuration guidelines.

Go to R80.20 Logging and Monitoring Guide for complete information about logs and queries.