SNGREP is a powerful tool for real-time monitoring and analyzing SIP signaling and RTP streams. This documentation outlines how to use SNGREP to diagnose communication issues, capture packets, and export data for detailed analysis.
Features:
Step 1:
SSH into your VitalPBX server, and start SNGREP (with root privileges) by running the following command:
sngrep
Step 2:
To filter SIP traffic, you can limit the capture to a specific port by running the SNGREP command with the desired port. For example, to monitor port 5060 (the default SIP port), you can run:
sngrep port 5060
Step 3:
Select the Appropriate Network Interface: If your server has multiple network interfaces, make sure to choose the correct one within the SNGREP interface to capture only the relevant traffic. Alternatively, you can specify the interface directly when starting SNGREP by using the -d flag.
For example, to monitor traffic on the eth0 interface, run:
sngrep -d eth0
Step 4:
Analyze the Captured Traffic:
Step 1:
You can start SNGREP normally and press F7 to open the Filter Options menu, which allows you to filter for specific traffic types such as INVITE, REGISTER, OPTIONS, etc.
This menu option in SNGREP allows you to apply specific filters to narrow down the captured SIP traffic, making analysis more targeted and efficient. Here’s a breakdown of its utility:
At the bottom:
Practical Use
This menu is especially valuable when:
Step 2:
Enable RTP Capture: To start SNGREP with RTP traffic capture, initiate the tool using the -r flag. This is useful for inspecting audio quality.
sngrep -r
Press F7 and Configure Filters:
Verify RTP in the Session View: During Calls:
Step 3:
If SNGREP does not provide sufficient detail about packet loss or jitter, export the session to a PCAP file. From the SNGREP interface, press F2 and choose a location to save the capture.
Step 1:
SIP Call Errors:
Step 2:
RTP Issues:
Step 3:
Tracking Specific Calls:
sngrep -N -q -l 100 -O /tmp/sngrep_$(date +%Y%m%d_%H%M%S).pcap
Key | Function | Description |
ESC | Quit | Escape and quit sngrep. |
Enter | Show | Show more information about the highlighted line item. |
Space | Select | After pressing the spacebar, the line is selected. With this you can select multiple lines and can be used with the F2 save option. |
F1 | Help | Gives a help menu. |
F2 | Save | Option to save the current capture session dialogs to a .pcap or .txt to a specific path and file name. |
F3 | Search | Gives the option to search in a more specific and granular way. |
F4 | Extended | Gives an extended view. |
F5 | Clear | Clear the screen. |
F7 | Filter | Like search but with more options to filter the end result. |
F8 | Settings | Adjust SNGREP settings interface, capture options, call flow options, and EEP/HEP Homer options. |
F9 | Clear with Filter | Clear the screen with filter. |
F10 | Columns | Adjust what columns are displayed on the open SNGREP window. |
Function | Description |
sngrep | Capture all network traffic on all interfaces. |
sngrep port 5060 | Capture only SIP traffic on the default SIP port (5060). |
sngrep -d eth0 | Capture traffic only on the specified network interface (eth0). |
sngrep -r | Start Sngrep with RTP Traffic Capture |
sngrep -O capture.pcap | Save captured traffic to a PCAP file for later analysis. |
sngrep -I capture.pcap | Read packets from pcap file instead of network devices. This option can be used with bpf filters. |
sngrep “^INVITE” | Match given expression in Messages’ payload. If one request message matches the given expression, the following messages within the same dialog will be also captured. |
sngrep host 192.168.1.100 | Capture traffic involving a specific IP address. |
sngrep -l 2000 | Change default capture limit (2000 dialogs) Limit must be a numeric value above 1 and can not be disabled. This is both security measure to avoid unlimited memory usage and also used internally in sngrep to manage hash table sizes. |
sngrep -c | Only capture dialogs starting with an INVITE request. |
400 Bad Request |
401 Unauthorised |
402 Payment Required |
403 Forbidden |
404 Not Found |
406 Not Acceptable |
407 Proxy Auth Required |
408 Timeout |
410 Gone |
480 Temporarily Unavailable |
481 Call/Transaction Does Not Exist |
484 Address Incomplete |
486 Busy Here |
488 Not Acceptable Here |
500 Server Internal Error |
502 Bad Gateway |
503 Service Unavailable |
600 Busy Everywhere |
603 Decline |
With this enhanced guide, you can effectively use Sngrep to diagnose and resolve issues in your VitalPBX PBX. From real-time monitoring to exporting for external analysis, Sngrep is an essential tool to maintain your system’s quality and efficiency.
We are pleased to announce the release of VitalPBX 4.2.0 R2, featuring expanded API functionality, improved system security, and essential bug fixes. This update reinforces
VitalPBX 4.5.0 R3 enhances API capabilities with new endpoints, improves system security, and fixes critical issues including tenant isolation and Let’s Encrypt integration.
Introduction SNGREP is a powerful tool for real-time monitoring and analyzing SIP signaling and RTP streams. This documentation outlines how to use SNGREP to diagnose
VitalPBX provides a robust and scalable platform, which will allow you to manage your PBX in an easy and intuitive way.
2292 NW 82nd Ave HB 002998 Miami, Florida 33198.
Email: sales@vitalpbx.com
At VitalPBX, your feedback is crucial. If our system has benefited your business, please leave us a review on Trustpilot. Thank you!