[asterisk-users] OT: Want to capture all SIP messages

Daniel Tryba daniel at tryba.nl
Wed May 31 15:04:01 CDT 2017


On Wed, May 31, 2017 at 12:36:47PM -0700, Steve Edwards wrote:
> I want to capture all SIP messages.
> 
> I have about 30 hosts in about 6 colos.
> 
> My first thought was dumpcap, but the output file name format bugs me.
> 
> What do you use for long term SIP capture?

What bugs you about the output format? There are multiple ways to
display stored information, wireshark can be extremely usefull (and
unstable) or just dump plain text by replaying the pcap with ngrep.

Ways I used so far:

-tshark to produce pcap file (-b duration:x to split up files into time
 intervals
-"sip set log on" to store it plain text in asterisk log files (or pjsip
 set logger on)
-ngrep -W byline to store it in 

Will look into in the near future:
-Homer via res_hep_pjsip
-voipmonitor (didn't know about till just now thanks to Marks reply)



More information about the asterisk-users mailing list