Getting started

First you need to download the right installation for your organisation. 

The virtual machine option already has the OS installed and Oseyus part-configured.

If you have your own Linux installation you can download the binary version of Oseyus.

Oseyus requires two network interfaces. The first is the SPAN interface that captures the SIP and RTP traffic. The second interface connects to the SRS and must have internet access. 

An RTP range is assigned to Oseyus and if behind a firewall you should allow the RTP(UDP) port range outbound (egress). Oseyus can use one of three transports namely UDP, TCP or TLS for SIP. If Oseyus is installed on the same server as your PBX then you need to ensure both Oseyus and the PBX are using separate RTP port ranges. If you are using SPAN off a switch then this not a concern.

If you have the virtual machine downloaded you will need to deploy the OVA into a VMware server like ESXi or use VMware Workstation. Simply import the OVA into the VMware environment and assign the network interfaces according to your desired topology.

The internal configuration for Oseyus is all setup. You will however have to config the product using the configuration file.

The default username is siprec and password oseyus. then use sudo -i  to get root access.

You should change this password immediately typing command: passwd siprec

The binary download version is intended for installation within an existing Linux environment. 

untar the downloaded file into a directory and run ./ This will install any dependancies and install Oseyus.

The configuration file is common to both Virtual Machine and Binary installations and must reflect your topology. We cover each option below. You will need to use vim or nano to edit the file.

Location: /etc/oseyus.conf

SIPPortUDPSIPPortTLPSIPPortTLS represent the ports used on the SRS you are connecting to. Your SIPREC vendor should provide you with this information but it is likely to be the defaults set already.

Transport. This should be the procotol used with the SRS. Be aware the TLS is the only encrypted option that also activates SRTP for secure media. Options for transport are UDP, TCP, TLS

SRS. This is the FQDN or IP address of your vendor's Session Recording Server. We recommend using IP rather than DNS for latency purposes.

RTPStart, RTPEnd. The RTP ports that will be used by Oseyus. The port range must be at least the number of calls you are expecting *2. If you install Oseyus on the same server as the PBX then the RTP range MUST be different to what the PBX is using for RTP.

DeviceSPAN. Oseyus captures the packets on this network interface from your SIP PBX and so must be connected to a SPAN enabled switch. If you install Oseyus on the same server as the PBX then this should be the LAN interface that your PBX uses.

DeviceSIPREC. This network interface should be internet facing. No ports need to be mapped to Oseyus but traffic should be allowed out.

MediaAddress. This should reflect the same public IP address as your WAN firewall interface. Oseyus does not requires any SIP ALG but instead 'preloads' the SIP headers with the correct information.

LANIPAddress. This should reflect the private IP address of the LAN interface you wish to bind to. 

WANIPAddress. This should reflect the same public IP address as your WAN firewall interface. 

WANuri. Should you want to substitute the IP into in the SIP headers uri to a FQDN then you should put your domain here. example: We highly recommend this field should be the same as the WANIPAddress.

HostName. The hostname of the server. This is displayed in the SIP User Agent Header. A suggestion might be to enter your organisation name.

TLSPem. Your TLS certificate pem file should contain both the certificate and the key in the same file. Tip: It would be a good idea to get test calls flowing in plain TCP or UDP first before configuring TLS as this is easier to diagnose.

TLSPassphrase. If your TLS certificate is protected by a passphrase then it must be entered here.

Oseyus logs the SPAN SIP capture and the SIPREC trace in text files so you can diagnose or view data. Each file is named after the SIP Call-ID. By default the Virtual Machine installation purges the logs after 8 days. You can change this in the script located in /root/scripts/ The script is run by crontab.

This logging feature is a very effective way diagnosing any issues. Note that SIPREC calls are not established with SRS until two-way communication is first established between the two SPAN SIP endpoints.

SIP tracing logs are ordered each day and located: /var/spool/oseyus/SIPLOG/

Oseyus logs stats every 60 seconds to: /var/log/syslog

Use the following command to start / stop Oseyus manually

/etc/init.d/oseyus start

/etc/init.d/oseyus stop

Please feel free to contact us at