Hello community,

I have come across a few calls where a customer reports a call “dropping”. In the log files, the log file reports the call ended and hung up the call. The question I am brought is “who hung up on who?”, and unfortunately the log files do not really tell that much detail without a pcap trace, and of course, the trace was not running at the time when the call “dropped”.

This brought me to a question / idea if it works…

The idea is to run pcapsipdump -i eth0 -d /var/pcaptrace at system boot. Pcapsipdump records a separate pcap trace for every leg of the call, from the PBX to the trunk and from the extension to the PBX. My thought is that /var/pcaptrace is a tmpfs mount with a 2gb limited size and then somehow (haven’t figured out yet) the system would remove the older pcap trace files to make space for the newer ones… but how would this be possible?

Does something similar to this already exist? I was hoping there would be a module or something for Asterisk that records all calls as separate trace files and keeps only xMB amount and removes older files as needed…

Cheers,

Jon

I see this as a useful tool and would definitely recommend adding a feature request for the tool it self to be added in at:
http://issues.freepbx.org/browse/FPBXDISTRO

I created: http://issues.freepbx.org/browse/FPBXDISTRO-123

I am not sure it is the best idea to have this running full time and rotating out. It would be good to have running over a X hour period if you were trying to capture failures.

looking at the source tree they set in their settings file:
RETENTION=4

I don’t see where that is actually read but it implies it will only keep 4 days worth.