How to Get Syslog and Ethernet Packets from Grandstream Devi

Description

If you are new to telephony networking and troubleshooting, this guide shows you step-by-step in setup and configuring the parameters to capture the packets locally in Grandstream devices.

When we run into telephony issues (for eg. no audio, BLF keys are not working, unable to make calls, etc), in order to have the Support and Developer teams identify the root cause, we need to get logs and system information from the devices:

a. System Information under Status > System Info > Download System Information (available in GRP26XX, WP8XX, and GXP21XX models only)

b. *Syslog at (Extra) Debug level under Maintenance

c. *Packet Capture under Maintenance

d. Core Dump under Status > System Info (for freezing issues only)

e. Internal Syslog Capture under Maintenance > Syslog. It is able to capture the supplicant logs to flash (available in WP810 only)

Grandstream Windows Syslog Utility tool

Recently, we have added a Syslog Utility – a Windows tool to collect Grandstream products (especially ATAs and Gateways) Syslog for troubleshooting purposes.

Replicating the issue

Make sure that you enable the log before you make a test call or replicate the issue/ scenario. Stop or end the log capture when the call disconnects.

Figure 1: Timeframe between the start and stop of the log capture

Getting Started

System Requirements

a. A laptop or PC

b. Networking switch (unmanaged)

c. Phones

How to

Step 1: Download Wireshark to your laptop or PC. Then, connect your phones to a laptop via a networking switch or make sure they are in the same LAN network.

Step 2: Log in to the phone’s Web GUI > Maintenance > Syslog and configure the following

Syslog Protocol: UDP
Syslog Server: IP address of your laptop (which has the Wireshark app installed)
Syslog Level: DEBUG
Send SIP Log: Yes

Step 3: Click Save and Apply, followed by a Reboot to take effect immediately.

Figure 2: Save and Apply the Syslog configuration, followed by a Reboot to take effect immediately.

If you do not have a switch, you can configure Mirrored PC Port Mode under Network > Advanced Setting. Then, connect your laptop directly to the phone’s PC port and capture the live Syslog messages.

Figure 2a: Configuring PC port mode to Mirrored allows the traffic in the LAN port to go through the PC port. Thus, the packets can be captured by connecting a laptop/PC to the phone’s PC port.

Step 4. Next, launch the Wireshark application, select the correct Interface and click Start

Figure 3: Select the correct interface and click Start to capture the traffic.

Step 5. Apply the filter ‘syslog && ip.addr == <Phone’s IP>’ to make sure you capture the live Syslog messages of the phone

Figure 4: Live traffic of Syslog messages

Step 6. Now, replicate your issue

Step 7. Once it completes, click the Stop button and save as pcap format

Figure 5: Click Stop to end the packet capture

**NOTE: You may configure Syslog Server: http://syslog1.grandstream.com/. Grandstream Support team would retrieve the files from the internal portal. Make sure your phones are able to access the URL.