{"id":4896,"date":"2019-10-24T14:33:42","date_gmt":"2019-10-24T12:33:42","guid":{"rendered":"https:\/\/nil.uniza.sk\/?p=4896"},"modified":"2021-05-13T07:29:01","modified_gmt":"2021-05-13T05:29:01","slug":"tools-for-a-quick-sip-diagnostics","status":"publish","type":"post","link":"https:\/\/nil.uniza.sk\/en\/tools-for-a-quick-sip-diagnostics\/","title":{"rendered":"Tools for a quick SIP diagnostics – ngrep, sipgrep and sngrep"},"content":{"rendered":"

Sometimes there is a need for simple and quick analysis or the troubleshooting of a SIP server and its call functions. Of course, we should use the well-known tcpdump<\/code>, mentioned in the article Using tcpdump for SIP diagnostics<\/a>. However, for some occasional Linux users this may be too difficult and unclear. Actually there exist some simpler utilities,, that could work fine, as ngrep, and for me newer sipgrep and sngrep (love at first sight).<\/p>\n\n\n\n

All utils are directly available and can be installed online from Debian repo using apt-get install ngrep sipgrep sngrep<\/code>.<\/p>\n\n\n\n

Ngrep<\/h2>\n\n\n\n

web: https:\/\/github.com\/jpr5\/ngrep<\/a> <\/p>\n\n\n\n

For years I have been using ngrep (described in Ngrep \u2013 a tool for VoIP analysis<\/a>). Preferred to save formatted messages to a file:<\/p>\n\n\n\n

ngrep -d any -p -q -W byline port 5060 > test.txt<\/pre>\n\n\n\n
or to watch on the fly (could be to fast for analysis)<\/p>\n\n\n\n
ngrep -d any -p -q -W byline port 5060<\/pre>\n\n\n\n
Sipgrep<\/h2>\n\n\n\n
web:  https:\/\/github.com\/sipcapture\/sipgrep<\/a> <\/p>\n\n\n\n
Sipgrep is a grep tool for SIP diagnostic, where opposed to generic ngrep, it allows us to focus on certain SIP fields  (To, From, Contact …). Tool highlights SIP information as the transaction and dialog information. <\/p>\n\n\n\n
For the simplest use type<\/p>\n\n\n\n
root@voip ~ # sipgrep<\/strong>\n interface: eth0 (158.193.152.0\/255.255.255.128)\n filter: (ip or ip6) and ( portrange 5060-5061) or (udp and ip[6:2] & 0x3fff != 0)<\/pre>\n\n\n\n
\"\"
sipgrep<\/figcaption><\/figure>\n\n\n\n
But sipgrep also allows to simply focus on specific SIP AORs. For example  to show all messages from SIP URI (AOR) 1765<\/p>\n\n\n\n
  sipgrep -d any -t 1763 -G  <\/pre>\n\n\n\n
\"\"
Filter calls to 1763 number<\/figcaption><\/figure>\n\n\n\n
More at man sipgrep<\/code> or project home page<\/a>.<\/p>\n\n\n\n
Sngrep<\/h2>\n\n\n\n
web:  https:\/\/github.com\/irontec\/sngrep<\/a> <\/p>\n\n\n\n
A big surprise for me, the great tool sngrep<\/code>, Provides a nice overview of what is happening on a SIP Server arranged on a dialog view. We may move using arrows keys and using enter and Esc keys simply look into each SIP message of the dialog.<\/p>\n\n\n\n
Features:<\/p>\n\n\n\n