Two other suggestions: 1. The ONsip.org script package contains two scripts that you can use to generate ngrep traces in various log files based on time, as well as a way to search. Maybe not exactly what you want, but I have found this approach to be reasonably efficient (see exerpt from README.ONSIP below) 2. Start a tcpdump with rotatelogs (see start_ngrep) and then use sip_scenario to generate the traces you want to a directory accessible through a web server
Both approaches require a cron clean-up job to delete old logs dependent on your disk space. And BTW, using a hub instead of a switch in front of your ser server means that you can set up a dedicated listener like Paul suggested without vlan. g-)
What you will find in this package:
start_ngrep --------------- A small script to start ngrep in a way where all SIP messages are logged to files in /var/log/sip/. Must be started as root. Assumes that ngrep version >1.42 is already installed. The log files will be rotated every 24 hours starting 24 hours from the time you run start_ngrep.
siplogs -------------- Usage: siplogs regex [siplog-filename] If start_ngrep has been run and ngrep is running as a process, siplogs can be called with one parameter like this: 'siplogs 1237890' This will filter out all SIP messages with 1237890 found somewhere in the message. Only messages found in the last logfile will be searched (i.e. < 24 hours ago dependent on when you started start_ngrep) siplogs can also take a second parameter: siplogs 1237890 sip.1114992000 and thus specify the log file (in /var/log/sip/) that you want to search through. The first parameter is a regular expression(awk), so you can for example run 'siplogs "^INVITE|^ACK"' to filter out all INVITE and ACK messages.
----- Original Message ----- From: "Iqbal" iqbal@gigo.co.uk To: serusers@lists.iptel.org Sent: Monday, October 03, 2005 04:59 PM Subject: [Serusers] logging of SIP dialog
Hi
Has anyone come up with a scalable method to log the complete SIP trace of ALL calls, i.e to separate files etc Ngrep is greate for a few, but I want to be able to track all calls, for various purposes
Iqbal
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers