Capture pcap with tshark or tcpdump for the future analysis with wireshark. Ngrep is also handy tool for captaring, say, INVITE. You can use grep like this: tail -f /var/log/asterisk/full | egrep --color -w 'chan_sip.*SIP/911|pbx.*SIP/911' <br>
Interesting technique from Astresk Cookbook, "Debugging dialplan with Verbose() <a href="http://ofps.oreilly.com/titles/9781449303822/DialplanFundamentals.html">http://ofps.oreilly.com/titles/9781449303822/DialplanFundamentals.html</a><br>
<br><div class="gmail_quote">2011/10/27 Sammy Govind <span dir="ltr"><<a href="mailto:govoiper@gmail.com">govoiper@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
It was a challenge to read through all the interesting experience you've shared over here. I don't know what others may be using for parsing the logs beautifully and make them usable. What I would recommend you at the very beginning ,since you mentioned using egrep, is figure out the Channel identifier string from the logs for a particular call. That's underlined below for you.<div>
<br></div><div><div class="im"><blockquote class="gmail_quote" style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-color:rgb(204, 204, 204);border-left-style:solid;padding-left:1ex">
<span style="font-family:arial, sans-serif;font-size:13px;background-color:rgb(255, 255, 255)">[Oct 26 17:58:01] VERBOSE[14274] logger.c: -- Executing [s@tc-maint:3] System("<b><u>Local/s@tc-maint-2496,2</u></b>","/var/lib/asterisk/bin/schedtc.php 60 /var/spool/asterisk/outgoing 0") in new stack</span></blockquote>
<br></div>Once you Figure out this part use egrep tool and you'll end up seeing only the data related to this particular call.</div><div><br></div><div>More advanced tool or techniques may involve setting up a central logging server where all the other servers deposit their logs and use monitoring tools like swatch, splunk, zabbix etc etc etc to parse the logs for you and generate alerts. </div>
<div><br></div><div>I haven't came across any Asterisk-specific log parser utility so far. Honestly, I never needed one.</div><div><div></div><div class="h5"><div><br><div class="gmail_quote">On Thu, Oct 27, 2011 at 5:16 AM, Douglas Mortensen <span dir="ltr"><<a href="mailto:doug@impalanetworks.com" target="_blank">doug@impalanetworks.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello all,<br>
<br>
I have been running asterisk systems since summer of 2008. I do not claim to be an expert. But I have worked through many issues during this period. I have setup & manage 5 systems, which serve 6 companies total (and of course process calls for all of the people they do business with).<br>
<br>
I have always been happy with asterisk (well, obviously less happy during the problem times... :-). And I continue to prefer to us it. However, if I could name the one largest struggle that I have with asterisk, it is the facilities that it provides for troubleshooting issues & parsing logs.<br>
<br>
I am hoping that someone on this mailing list can help me to realize how ignorant I really am, and how much time I have wasted parsing, "grep"ping & "less"ing logs manually. I am hoping that one of you can help me "see the light". If so, I would be most grateful.<br>
<br>
Specifically, here are the challenges I encounter, which I would desperately appreciate help with:<br>
<br>
Here's an example scenario:<br>
<br>
A customer calls me & says that a call just came in & some of their wireless DECT phones (I know, trouble already.... :-) didn't ring, while others did. I tell the customer that I'll start looking into the problem immediately.<br>
<br>
I am using AsteriskNOW with asterisk 1.6. So I SSH into the system & cd to /var/log/asterisk & start looking at the "full" log via "less". We have configured the bulk of our system via FreePBX 2.9. Inbound calls are routed first to a time condition which checks whether it is after hours. If it is not afterhours, then are then routed to a queue, which rings all phones (4 wireless DECT phones on 1 DECT wireless server that registers the SIP extensions on behalf of its 4 phones, and 4 more wireless DECT phones on their own wireless server configured the same, and an ATA connected to a paging amp that rings a loud speaker). From there, someone typically will answer the call. Often times they then transfer the call to another extension. However, sometimes no one answers the call, and it winds up going to VM.<br>
<br>