7.1. Overview of Monitoring and Troubleshooting TechniquesΒΆ

The ABC SBC and its accompanying monitoring product, ABC Monitor, are designed to provide real-time insight into service health and user behaviour for sake of troubleshooting, trending and security. Routine monitoring and troubleshooting is a key part of a SIP service life-cycle. It is also a complex one: the amount of traffic an SBC must handle is enormous and finding abnormal patterns in such quantity is not entirely easy. This is especially true when the service is exposed to a larger user population and is running on the public Internet. Also varying degree of SIP compliance of attached devices often causes unexpected behaviour.

Any abnormal service patterns can have a variety of reasons including unusual traffic caused by a security attack or broken devices, or administrative shortcomings such as a misconcepted rule-base or an underdimensioned system. Even if an abnormal situation does not impact a SIP service as whole but only a particular user it is important to find out what is happening.

Identifying presence and root causes of abnormal situations therefore requires solid data about the operation of the service. Here a virtue of the ABC SBC comes in play: it produces a lot of data reporting on the status of operation. In fact the number of bytes produced for monitoring typically exceeds the number of bytes used for the actual SIP signaling. What may seem disproportional is the recipe for the capability to understand and keep the status of operation smooth at any time. Good operational decisions can only be made with reliable intelligence.

In the following chapters we will discuss various methods how to monitor an ABC SBC-powered SIP service operation.

The most detailed and therefore powerful method to monitor the operation is using the events produced by the ABC SBC (if the event license is installed). The ABC SBC “documents” what SIP users are doing by issuing a report called event on every important user activity: registering, unregistering, failing to authenticate, completing a call, and so on and so forth. An administrator can even produce his own custom events. The events provide a history of user activity which can be looked backed at and analyzed. In a way, it tries to act as secret police would: it holds “files” on the observed subject that include an exhaustive gap-free activity history. At the same time, the overall collection of events also provides aggregated insights into the overall service health and can be used for example to see how the service usage varies in course of a day. The events are described in the Section Events (optional).

The events do indeed come in a quantity that may make nailing down a problem or identifying a trend a tedious task. Therefore the ABC Monitor is available from frafos to aggregate and filter the events. Using the ABC Monitor is documented in the section ABC Monitor (Optional). In addition to user events, the ABC Monitor also shows the utilization of the system. If a situation requires, the ABC Monitor collects even traffic bits: SIP or even RTP data passing the ABC SBC. This is explained in the section Diagnostics Dashboard.

The next chapter, Using SNMP for Measurements and Monitoring shows how to monitor the overall system health using SNMP. SNMP is the industry standard for monitoring system health and is supported by many third-party monitoring tools, both commerical and open-source. The frafos ABC SBC reports various OS-related and SIP-related counters using SNMP and can also report custom-based ones.

Additional diagnostic information is available directly in the SBC GUI. There is real-time GUI view of established calls and cached registration entries described in Section Live ABC SBC Information. There is also a possibility to review most recent traffic at IP layer as described in Section User Recent Traffic.

Additional methods for determining service status data are eventually described in the Sections Command-line SBC Process Management and Additional Sources of Diagnostics Information.

Previous topic

7. Monitoring and Troubleshooting

Next topic

7.2. ABC Monitor (Optional)

This Page