Two other suggestions:
1. The
ONsip.org script package contains two scripts that you can use to
generate ngrep traces in various log files based on time, as well as a way
to search. Maybe not exactly what you want, but I have found this approach
to be reasonably efficient (see exerpt from README.ONSIP below)
2. Start a tcpdump with rotatelogs (see start_ngrep) and then use
sip_scenario to generate the traces you want to a directory accessible
through a web server
Both approaches require a cron clean-up job to delete old logs dependent on
your disk space.
And BTW, using a hub instead of a switch in front of your ser server means
that you can set up a dedicated listener like Paul suggested without vlan.
g-)
What you will find in this package:
start_ngrep
---------------
A small script to start ngrep in a way where all SIP messages are logged to
files in /var/log/sip/.
Must be started as root. Assumes that ngrep version >1.42 is already
installed. The log files will be
rotated every 24 hours starting 24 hours from the time you run start_ngrep.
siplogs
--------------
Usage: siplogs regex [siplog-filename]
If start_ngrep has been run and ngrep is running as a process, siplogs can
be called with one parameter
like this: 'siplogs 1237890'
This will filter out all SIP messages with 1237890 found somewhere in the
message. Only messages found in
the last logfile will be searched (i.e. < 24 hours ago dependent on when you
started start_ngrep) siplogs
can also take a second parameter: siplogs 1237890 sip.1114992000 and thus
specify the log file (in
/var/log/sip/) that you want to search through.
The first parameter is a regular expression(awk), so you can for example run
'siplogs "^INVITE|^ACK"' to
filter out all INVITE and ACK messages.
----- Original Message -----
From: "Iqbal" <iqbal(a)gigo.co.uk>
To: <serusers(a)lists.iptel.org>
Sent: Monday, October 03, 2005 04:59 PM
Subject: [Serusers] logging of SIP dialog
Hi
Has anyone come up with a scalable method to log the complete SIP trace of
ALL calls, i.e to separate files etc
Ngrep is greate for a few, but I want to be able to track all calls, for
various purposes
Iqbal
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers