In this section:
The Call Accounting Manager (CAM) generates Call Detail Records (CDRs) and supports accounting events logging to the
SBC users are currently segregated into the following groups which define the privileges of each user. Access to data/commands is allowed/prevented based on the group of the user who is trying to acquire the access.
Since the RADIUS protocol does not provide a means to assign users to a group, the implementation currently hard codes every RADIUS authenticated user to the Administrator group.
For detailed information on RADIUS authentication, refer to Configuring SBC for RADIUS Authentication.
As calls traverse the SBC, Call Detail Records (CDRs) are generated and stored in /var/log/sonus/evlog/evlog
directory. You can view these CDR by looking at files with the “.ACT” extension. It is useful to view these ACT logs during call debugging (to get the originating trunk group, calling and called numbers, codec used, etc.).
You may also view billing records (and other logs) from the EMA Platform Mode. See Administration - Accounting and Logs for more information.
When downloading billing records (or other logs), you must use port 2024 to SFTP files off of the SBC.
This section describes the ASCII and streaming Call Detail Record (CDR) format.
SBC may insert non-ASCII characters in CDRs when messages are parsed in the initial INVITE.
Various
For more information on known limitations, see the applicable release notes at SBC Release Information page.
See CDR Examples page for example CDRs.
See CDR to VSA Mapping page for a mapping of CDR fields to Vendor Specific Attribute (VSA) fields for RADIUS servers.
See Vendor Specific Attributes Reference for a complete listing of
The CAM version of
Sonus Networks, Inc.00000000FF600000540000000000000060V05.01.00 00000000000000000000000000000000000ACT2014112715113200000000000000.
Every event log file, including accounting logs, contains a file header. This header consists of a 128-character string terminated by a carriage return. Each field in the event log file header is defined in the following table:
The one line footer, below, is appended to each log file (including accounting logs) when the file is closed under controlled conditions.
DDMMYYYY HHMMSS: File administratively closed.
Controlled conditions include CLI commands (for example, set oam eventLog
typeAdmin
acct rolloverAction
...) and automatic roll-overs when maximum file size is reached.
When an uncontrolled file closure occurs, such as an
If the CDR server is configured,
To create the CDR server, use the following command syntax:
% set oam accounting cdrServer admin [primary | secondary] connectionTimeout <numeric: 15 to 600 seconds> filePrefix <name of SBC> ipAddress <ip address> password <password for ftp user> path <directory to ftp to> transferTimeout <numeric: 15 to 600 seconds> username <username of ftp user>
An example to show the CDR server configuration and check the configuration is as follows:
admin@SBC01> config admin@SBC01% set oam accounting cdrServer admin primary connectionTimeout 15 filePrefix SBC01 ipAddress 10.10.211.10 password sonus path /export/home/SBC01ACTrecs/ transferTimeout 15 username root admin@SBC01% commit admin@SBC01% quit admin@SBC01> show table oam accounting cdrServer admin FILE CONNECTION TRANSFER TYPE IP ADDRESS USERNAME PASSWORD PATH PREFIX TIMEOUT TIMEOUT -------------------------------------------------------------------------------------------------------------- primary 10.10.211.10 root $3$qaO71mBy8l8= /export/home/SBC01ACTrecs/ SBC01 15 15 [ok][2013-10-02 06:14:49] admin@SBC01>
Initially, the accounting field is not set to ftp or automatically roll over. Use the following command to view Rollover setting for accounting (See "acct" row in the example):
admin@SBC01> show table oam eventLog typeAdmin MESSAGE FILE SYSLOG SYSLOG SYSLOG RENAME FILE FILE QUEUE SAVE FILTER ROLLOVER START ROLLOVER ROLLOVER WRITE SYSLOG REMOTE REMOTE REMOTE OPEN TYPE STATE COUNT SIZE SIZE TO LEVEL TIME INTERVAL ROLLOVER TYPE ACTION MODE STATE HOST PROTOCOL PORT FILES ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- system enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled debug enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled trace enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled acct enabled 16 64000 32 disk info - 0 nonrepetitive stop optimize disabled 0.0.0.0 tcp 514 disabled security enabled 16 16000 32 disk major - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled audit enabled 32 2048 10 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled packet enabled 32 2048 10 disk major - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled [ok][2013-10-02 06:41:58]
To create the accounting file rollover and ftp, use the following command syntax:
% set oam eventLog typeAdmin acct rolloverStartTime <CCYY-MM-DDTHH:MM:SS> rolloverInterval <number of seconds between each file rollover> rolloverType repetitive rolloverAction start where 'T' in 'DDTHH' is a constant used to indicate the Time follows.
An example of the configuration and display of the accounting file rollover and ftp is as follows:
admin@SBC01% set oam eventLog typeAdmin acct rolloverStartTime 2013-10-02T06:30:00 rolloverInterval 900 rolloverType repetitive rolloverAction start [ok][2013-10-02 06:41:25] [edit] admin@SBC01% commit Commit complete. [ok][2013-10-02 06:41:28] [edit] admin@SBC01% quit admin@SBC01> show table oam eventLog typeAdmin MESSAGE FILE SYSLOG SYSLOG SYSLOG RENAME FILE FILE QUEUE SAVE FILTER ROLLOVER START ROLLOVER ROLLOVER WRITE SYSLOG REMOTE REMOTE REMOTE OPEN TYPE STATE COUNT SIZE SIZE TO LEVEL TIME INTERVAL ROLLOVER TYPE ACTION MODE STATE HOST PROTOCOL PORT FILES ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- system enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled debug enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled trace enabled 16 16000 32 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled acct enabled 16 64000 32 disk info 2013-10-02T06:30:00 900 repetitive start optimize disabled 0.0.0.0 tcp 514 disabled security enabled 16 16000 32 disk major - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled audit enabled 32 2048 10 disk info - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled packet enabled 32 2048 10 disk major - 0 nonrepetitive stop default disabled 0.0.0.0 tcp 514 disabled [ok][2013-10-02 06:41:58]
View CDR Server status using the following command:
admin@SBC01> show table oam accounting cdrServer status SUCCESSFUL FAILED PENDING TYPE STATE PROGRESS TRANSFERS TRANSFERS TRANSFERS ------------------------------------------------------------- primary active done 3 0 0 [ok][2013-10-02 07:27:19]
Verify that the files were transferred to the FTP server by logging in to the CDR server and executing the following command:
ftp server: root@hostname # pwd /export/home/SBC01ACTrecs root@hostname # ls -l total 708 -rw-r--r-- 1 root other 346730 Oct 2 06:45 SBC01.20131002064500.1000022.ACT -rw-r--r-- 1 root other 175 Oct 2 07:00 SBC01.20131002070000.1000023.ACT -rw-r--r-- 1 root other 175 Oct 2 07:15 SBC01.20131002071500.1000024.ACT root@hostname #
Execute the following command to view the successful and failed CDR file transfer:
% show table oam accounting cdrServer status SUCCESSFUL FAILED PENDING TYPE STATE PROGRESS TRANSFERS TRANSFERS TRANSFERS --------------------------------------------------------- primary active done 2 0 0 secondary standby idle 0 7 0
The SBC RADIUS application uses standard attributes from the RADIUS when possible. For CDR fields that cannot be mapped to the standard attributes, vendor-specific attributes are defined. The
The SBC application maintains a configurable maximum of up to 1024 accounting files. Once the configured limit of files is reached, the application deletes the oldest files first to accommodate the new files.
When accounting file names reach the maximum value of 1FFFFFF.ACT, the next file name rolls over to 1000001.ACT. Use the “Rename Open Files” flag to rename the most recent accounting file with the ”ACT.OPEN” extension. This flag is accessible from the EMA at “System Configuration” > “CDR and Servers” tab.
The Global Charge Reference (GCR) feature allows correlation of calls across networks where the calls are originated from and terminated at different third-party devices. The GCR field is populated in the CDRs of the SBC if the GCR is received in a gateway protocol message from a GSX9000.
The GSX9000 receives or generates the GCR parameter through an ISUP parameter. The GCR is used in conjunction with SIP call-id’s to associate calls that interwork between SIP and ISUP protocols across multiple network devices.
RADIUS is a standardized protocol for supporting Authentication, Authorization, and Accounting (AAA) management in a distributed client-server architecture. The SBC acting as a RADIUS client can send call-accounting records to an external RADIUS server. For a description of Sonus CDR to RADIUS VSA field mapping, please see Managing Billing Records.
The following message types are supported by RADIUS protocol:
The accounting request and its response for a transaction methodology is described below.
The accounting-request contains the Accounting-Status-Type with the value "Stop". The primary purpose of this data is to bill the user. The data is also used for statistical purposes and for general network monitoring.
To configure up to three RADIUS servers per SBC, see Accounting - CLI.
To configure SBC for RADIUS authentication, see Configuring SBC for RADIUS Authentication.
The SBC includes the ability to rename a currently-open accounting file using a known suffix to make it easily identifiable by external applications. To activate this feature, simply enable the flag “Rename Open Files” using EMA GUI or CLI.
CLI syntax example:
% set oam eventLog typeAdmin acct renameOpenFiles enable
Once this flag is enabled, on the next accounting file open activity, the suffix .OPEN is appended to the filename using the format <shelf><sequence number>.ACT.OPEN (currently open files are not affected).
For example, as accounting file 1000099 is created with this feature already enabled, the file is named “1000099.ACT.OPEN”.
For configuration details, see:
The
The
For more details, see Rf Interface Support page in the Managing Billing Records section.
ACT
) to the CDR server through a user configured port. The following parameters are added in CDR server configuration to set remote port and ssh key based authentication:
cdrPort
useSshKeyFile
generateSshPublicKeys
User can either use the existing username/password or the SSH public key to authenticate with the remote CDR server. The parameter useSshKeyFile
must be enabled to generate the SSH public key.
To generate a new SSH public key, execute the following command:
% request oam accounting cdrServer admin primary generateSshPublicKeys
The generated SSH public key must be installed on CDR server to use ssh key based authentication from SBC. The SSH public key must be copied to the remote CDR server file /home/<user>/.ssh/authorized_keys.
If the private key is compromised, the key must be re-generated. Once the key is re-generated, the CDR server must be updated with the new key.
The configured user must have access to /home/<user>/.ssh
for reading the public key.
% set oam accounting cdrServer admin primary cdrPort 2024
Using the SSH public key for CDR server authentication contains:
To enable SSH key based authentication, execute the following command:
% set oam accounting cdrServer admin primary useSshKeyFile Enable
To generate a new SSH public key, execute the following command:
% request oam accounting cdrServer admin primary generateSshPublicKeys result success reason ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDclSOlVfVmmhatw5bDQRk7AaYvCRUUfHHbSvkCBb4T8zYdJ8JNw15rMSKk9hEkVdtEEZRJU4Q97C+3LbPknZrIMM+zmSRYmh2/LkGAlydSJ+sPe9i7zWFOLYeA3gitaKJSPgSjdb4WGgDq686Ei4yup9xYDbT8wAcosQsf3tfbqH2GetNJ8tAs3KjRi7FPhH1hHdXVyH0yW1mdGlMYvoFUeFCRjhE81oJhy2jMTJD9T3eQiJo4NZQZYOgALMQPi8fxaAgnuWmvrejNTn/PgRyGpQEs7HFHkX5zHW5M74PU/Z3S3Y2uSZlYrCQRf9Y2mUiK5R40bjsKz4TqIP5LfzhX [ok]
The SSH public key is copied to the remote CDR server file /home/<user>/.ssh/authorized_keys
.
For configuration details, see: