I want to capture SIP logs and see real-time SIP logs, so can you guide me on how to install the sngrep utility on CentOS, with commands if possible?
asked Nov 29, 2017 in Education & Reference by Sam (1,420 points) | 284 views
    

1 Answer

To install sngrep you will need to:

Connect to the SBC via SSH as root
At CLI level, create the repo file:
vi /etc/yum.repos.d/irontec.repo

[irontec]
name=Irontec RPMs repository
baseurl=http://packages.irontec.com/centos/6/$basearch/

Install Repository Public Key:
rpm --import http://packages.irontec.com/public.key

Install Package
yum -y install sngrep

At this point you are ready to start using sngrep.

Command line arguments

There are some arguments that can be used from the command line to change the default sngrep behaviour:

sngrep [-hVciv] [-HL udp:addressport] [-IO pcap_dump] [-d dev] [-l limit] [-k keyfile] [<match expression>] [<bpf filter>]
-h or --help: Display help and usage information
-V or --version: Display version information
-I or --input: Read packets from pcap file instead of network devices. This option can be used with bpf filters
-O or --output: Save all captured packets to a pcap file
-d or --device: Live capture from network device (by default, sngrep captures from all devices)
-k or --keyfile: Use private keyfile to decrypt TLS captured packets
-c or --calls: Only display dialogs starting with an INVITE request
-l or --limit: Change default capture limit
-i or --icase: Make match expression case insensitive
-v or --invert: Invert match expression
-N or --no-interface: Don't display sngrep interface, just capture
-q or --quiet: Don't print captured dialogs in no interface mode
-D or --dump-config: Print configured keybindings and settings after reading system and user resource files.
-H or --eep-send: Send captured data to other Homer/sngrep (udp:10.10.10.10:9060)
-L or --eep-listen: Receive captured data from other captagent/sngrep (udp:10.10.10.10:9060)
<match expression>: Match given expression in Messages' payload. If one request message matches the given expression, the following messages within the same dialog will also be captured.
<bpf filter>: Filter captured/read packets using a BPF filter

For example, capturing all SIP packets from all devices that have source or destination port 5060:

sngrep port 5060


Or displaying SIP packets from the eth0 device that have 192.168.0.50 as source or destination through port 5061, saving them to /tmp/sip_capture.pcap:

sngrep -d eth0 -O /tmp/sip_capture.pcap host 192.168.0.50 port 5061


Or displaying all SIP packets for a given host in the sip_capture.pcap PCAP file:

sngrep -I /tmp/sip_capture.pcap host 10.10.1.50

answered Nov 29, 2017 by Ruksar
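
A scripted form of the install steps in the answer above, as an added example that is not part of the original answer or the project's own tooling. It writes the repo file with gpgcheck=1 set explicitly and imports the signing key only if its fingerprint matches one obtained out of band, since the key URL is plain HTTP. EXPECTED_FPR is a placeholder and the function names are hypothetical.

```shell
#!/bin/sh
REPO_URL='http://packages.irontec.com/centos/6/$basearch/'  # from the answer
KEY_URL='http://packages.irontec.com/public.key'            # from the answer
# Placeholder (assumption): fingerprint obtained from the vendor out of band.
EXPECTED_FPR="${EXPECTED_FPR:-}"

# Write the repo definition to the file named in $1, forcing gpgcheck=1.
write_repo() {
    cat > "$1" <<EOF
[irontec]
name=Irontec RPMs repository
baseurl=$REPO_URL
enabled=1
gpgcheck=1
EOF
}

# Normalise a fingerprint: drop spaces and colons, upper-case the hex digits.
norm_fpr() {
    printf '%s' "$1" | tr -d ' :\n' | tr 'a-f' 'A-F'
}

# Succeed only when both fingerprints are non-empty and identical.
fpr_matches() {
    a=$(norm_fpr "$1")
    b=$(norm_fpr "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Download the key to a file, check it, and only then import and install.
install_sngrep() {
    key=$(mktemp) || return 1
    curl -fsS -o "$key" "$KEY_URL" || return 1
    got=$(gpg --with-fingerprint --with-colons "$key" |
          awk -F: '$1 == "fpr" { print $10; exit }')
    if ! fpr_matches "$got" "$EXPECTED_FPR"; then
        echo "refusing to import key, fingerprint is: $got" >&2
        rm -f "$key"
        return 1
    fi
    rpm --import "$key" || return 1
    rm -f "$key"
    write_repo /etc/yum.repos.d/irontec.repo
    yum -y install sngrep
}

# Hypothetical entry point: the install runs only with the "install" argument.
if [ "${1:-}" = "install" ]; then install_sngrep; fi
```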
