voipmonitor / sniffer

VoIPmonitor sniffer sources

sip_msg table and partitions are empty #72

Closed AlexMaskovyak closed 3 years ago

AlexMaskovyak commented 3 years ago

The voipmonitor.sip_msg table isn't being propagated with data. The team here has previously reported that there was data there, but we can no longer select that data. I've verified that every partition has zero rows.

milon21 commented 3 years ago

Do you have database cleaning enabled? (cleandatabase* options). If yes, then the data was cleaned out by the sensor. Otherwise it is hard to say more without detailed information.

AlexMaskovyak commented 3 years ago

The table's most current partition never has data in it either (I'm checking throughout the course of the day). I assume that these parameters cause a batch operation and even if they were enabled that I'd see data prior to them being run.

Knowns: We're receiving messages. The cdr and cdr_next tables are properly propagated.

I'm looking up the parameter values now to paste here.

AlexMaskovyak commented 3 years ago

Here are the clean* parameters (and comments) exactly as they appear in /etc/voipmonitor.conf

It looks like the default values are being used for most (all?) of them.

# Removes cdr* partitions older then set number of days. If set to 0 it is disabled (default)
#cleandatabase_cdr = 0

# removes data from rtp_stat older > N days. Default is 2 days
#cleandatabase_rtp_stat = 2

#Removes register_state and failed partitions older then set number of days. If set to 0 it is disabled (default)
# cleandatabase_register_failed = 0
# cleandatabase_register_state = 0

# Sets cleandatabase_cdr and cleandatabase_register_state and cleandatabase_register_failed to the same values. Configuration first look at cleandatabase parameter  then it looks for other cleandatabase_* parameters.
#cleandatabase = 0

Other pertinent parameters:

# if yes, voipmonitor will not save CDR to MySQL
nocdr = no

milon21 commented 3 years ago

"there was data there"
"most current partition never has data in it"

It's really strange. Can you share your sensor's config plus an example of raw VoIP traffic (sniffed on the interface) with OPT/SUBC/NOT messages? I will check it myself.

Btw. I suppose you have enabled sip-options, sip-subscribe, sip-notify* parameters in the sensor's config.

AlexMaskovyak commented 3 years ago

I have no actual evidence that data has ever been in any of the tables (no screenshots or exports of that data). So I don't take that as a given.

The options you shared are not currently enabled. Do some or all of these need to be enabled to get these data?

# analyze sip OPTION messages, default NO
sip-options = no

# store OPTIONS to disk (in extreme traffic it might overload file system), default NO
save-sip-options = no

# analyze sip SUBSCRIBE messages, default NO
sip-subscribe =  no
# store SUBSCRIBE to disk (in extreme traffic it might overload file system), default NO
save-sip-subscribe = no

# analyze sip NOTIFY messages, default NO
sip-notify = no
# store NOTIFY to disk (in extreme traffic it might overload file system), default NO
save-sip-notify = no

From perusing the code, the option(s) that might impact sip_msg saving itself seem to be related to the following: disable_save_sip_msg and possibly disable_save_call or disable_save_message or disable_save_register.

I fully admit I'm not an expert though.

milon21 commented 3 years ago

Yes, you need to enable these options to start the OPT/SUBS/NOT engine. The sensor will not process OPT/SUBS/NOT messages without them being enabled. It just creates empty tables at the first start. disable_save_sip_msg is for debugging purposes, don't use it if you don't know what to do :-)

AlexMaskovyak commented 3 years ago

Do I need all 6 of those options to be enabled?

AlexMaskovyak commented 3 years ago

Thanks for the help! We now have the sip_msg table propagating with the following updates to the /etc/voipmonitor.conf

sip-register = yes

# analyze sip OPTION messages, default NO
sip-options = yes

# store OPTIONS to disk (in extreme traffic it might overload file system), default NO
save-sip-options = yes

# analyze sip SUBSCRIBE messages, default NO
sip-subscribe =  yes
# store SUBSCRIBE to disk (in extreme traffic it might overload file system), default NO
save-sip-subscribe = yes

# analyze sip NOTIFY messages, default NO
sip-notify = yes
# store NOTIFY to disk (in extreme traffic it might overload file system), default NO
save-sip-notify = yes
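
The diagnosis from this thread as a config check, added here as an example (not code from the VoIPmonitor project or from either poster): it parses a voipmonitor.conf-style text and reports whether any of the analyze options named above is active. The function names, the sample config, the "last assignment wins" rule and treating only the literal `yes` as enabled are assumptions; the thread does not say whether the save-* options are required, so they are only reported.

```python
import re

# Analyze options the thread names as required to start the OPT/SUBS/NOT
# engine, paired with their "store to disk" companions. Every one defaults
# to "no" according to the comments in the posted voipmonitor.conf.
ENGINE_OPTIONS = {
    "sip-options": "save-sip-options",
    "sip-subscribe": "save-sip-subscribe",
    "sip-notify": "save-sip-notify",
}
LINE_RE = re.compile(r"^\s*([A-Za-z0-9_-]+)\s*=\s*(.*?)\s*$")


def parse_conf(text):
    """Return {key: value} for active lines; '#' comment lines are skipped."""
    settings = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # commented-out setting: the built-in default applies
        m = LINE_RE.match(line)  # tolerates "key =  value" spacing
        if m:
            # Assumption: a later assignment overrides an earlier one.
            settings[m.group(1).lower()] = m.group(2).lower()
    return settings


def audit_sip_msg(text):
    """Per message type: is it analyzed, and is it also stored to disk?"""
    s = parse_conf(text)
    return {
        analyze: {
            "analyzed": s.get(analyze, "no") == "yes",
            "saved_to_disk": s.get(save, "no") == "yes",
        }
        for analyze, save in ENGINE_OPTIONS.items()
    }


def sip_msg_will_stay_empty(text):
    """True when no analyze option is on, the state diagnosed in the thread."""
    return not any(r["analyzed"] for r in audit_sip_msg(text).values())


# Constructed sample modelled on the "before" settings posted above.
BEFORE = "sip-options = no\nsave-sip-options = no\nsip-subscribe =  no\n#sip-notify = yes\n"
AFTER = BEFORE.replace("sip-options = no", "sip-options = yes", 1)

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        print(name, sip_msg_will_stay_empty(conf), audit_sip_msg(conf))
```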