Anyone know of a good cheap or free Sip monitoring software (or even cheap hardware). I want to be able to easily search through calls and pull a sip ladder diagram for troubleshooting and learning (will be for my home lab). Anyone have any suggestiong?
Perhaps start with:-
pcapsipdump/wireshark
both free.
Wireshark is one of the best tools available for this, but comes with a steep learning curve. About 90% of the SIP signalling issues I deal with are solved using sngrep. It is so useful, it comes pre-installed in the 14 Distro. Run sngrep at the bash prompt and have fun inspecting sip packets.
5 Likes
@lgaetz Wow, that was very helpful to learn of sngrep being part of the 14 distro. Thank you, I find it very useful.
1 Like
So with a bit of a nudge from @lgaetz , I would replace wireshark with sngrep for “simple” (the wireshark will still work for the audio listening bit)
install and run pcapsipdump
http://pcapsipdump.sourceforge.net/
install sngrep
make sure that midnight commander (mc) is installed
add
# pcap
regex/\.pcap$
Open=sngrep -I %f
to /etc/mc/mc.ext at the end of the file before the “### default ###” bit
then
mc /var/spool/pcapsipdump/
would get you to the base of the historical and granular sessions to explore.
For those that like Homer but aren’t in the position to add the hep stuff to asterisk yet (has to be all pjsip, but Asterisk 15 might fix that), then add to /etc/rc.local
nohup sngrep -H udp:your.homer.server.address:9060 -r -N -q &
by default sngrep in realtime will
a) use a lot of resources
b) just stop and be useless after 20000 sessions, which can easily be reached on a busy system if you are watching options and registrations (yes you can change the 20000, but the resource usage might then be a greater problem)…