Last active
August 29, 2015 14:05
-
-
Save nickrobinson/e605d1ad9ac0447bf709 to your computer and use it in GitHub Desktop.
SIPHawk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BEGIN {foundMatch = 0; containsId = 0; lineCounter = 0;} | |
| { | |
| if($4 == "Tx:" || $4 == "Rx:") { | |
| lineCounter = 0; | |
| delete lineArray; | |
| } | |
| if($2 == "SIP.STACK" && ($4 != "Tx:" && $4 != "Rx:")) { | |
| containsId = index($0, callID) | |
| if(containsId > 0) { | |
| foundMatch = 1; | |
| } | |
| lineArray[lineCounter] = $0; | |
| lineCounter++; | |
| } | |
| else if($2 == "SIP.STACK" && foundMatch == 0){ | |
| containsId = index($0, callID) | |
| if(containsId > 0) { | |
| foundMatch = 1; | |
| } | |
| lineArray[lineCounter] = $0; | |
| lineCounter++; | |
| } | |
| else { | |
| if(foundMatch) { | |
| for (x = 0; x < lineCounter; x++) { | |
| print lineArray[x]; | |
| } | |
| } | |
| lineCounter = 0; | |
| foundMatch = 0; | |
| containsId = 0; | |
| } | |
| } | |
| END { } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SIPHawk
Overview
Often when debugging call logs from customers it becomes burdensome to go through the log trying to parse out the SIP messages that you care about. This is the script that I use to quickly extract only the SIP messages I care about(matching a certain call id) to another file.
Dependencies
On UNIX based distributions you can use the awk tool in order to run this script. On Windows you can run the tool using gawk
Example
In order to filter a file called callLog.txt and only grab entries with the call id 58590f0 do the following:
awk -f /data/SIPHawk.awk -v callId="58590f0" callLog.txt