Using SNGREP

Main Screen

  • Idx: Line number column.

  • Method: Type of SIP message column.

  • SIP From: SIP message From column.

  • SIP To: SIP message To column.

  • Msgs: Number of messages column.

  • Source: Source IP and port number column.

  • Destination: Destination IP and port number column.

  • Call State: Call identifier column.

image

  • ESC Quit: escape and quit sngrep.

  • Enter: Show more information about the highlighted line item.

  • Space: Pressing the spacebar selects the highlighted line. You can select multiple lines this way and use the selection with the F2 Save option.

  • F1 Help: Gives a help menu.

  • F2 Save: Save the current capture session's dialogs to a .pcap or .txt file at a path and file name you specify.

  • F3 Search: Gives the option to search in a more specific and granular way.

  • F4 Extended: Gives an extended view.

  • F5 Clear: Clear the screen.

  • F7 Filter: Like search but with more options to filter the end result.

  • F8 Settings: Adjust sngrep settings: interface, capture options, call flow options, and EEP/HEP Homer options.

  • F10: Adjust which columns are displayed in the open sngrep window.

SPAM

image

  • User-Agent: Most spam attempts will show an unwanted User-Agent like the one shown in this example.
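
The same User-Agent check can be scripted over captured messages. This is an added example, not part of the original page or of sngrep; the watchlist entries, function names, input shape (source address plus raw SIP text) and sample messages are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed starting watchlist of User-Agent substrings; tune it to your own captures.
WATCHLIST = ("friendly-scanner", "sipvicious", "sipcli")

def parse_sip(raw):
    """Return (method, headers) for one raw SIP message; header names lower-cased."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]  # drop any SDP body
    lines = head.split("\n")
    start = lines[0].split(" ", 1)[0].upper()
    # Responses begin with "SIP/2.0 <code>"; group them under RESPONSE.
    method = "RESPONSE" if start.startswith("SIP/") else start
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return method, headers

def flag_user_agents(messages, watchlist=WATCHLIST):
    """messages: iterable of (source, raw_sip).
    Returns {source: Counter({(method, user_agent): count})} for watchlisted agents."""
    hits = defaultdict(Counter)
    for source, raw in messages:
        method, headers = parse_sip(raw)
        ua = headers.get("user-agent", "")
        if any(w in ua.lower() for w in watchlist):
            hits[source][(method, ua)] += 1
    return dict(hits)

def _msg(method, ua):
    """Build a minimal constructed SIP request (documentation addresses only)."""
    return (f"{method} sip:198.51.100.10 SIP/2.0\r\n"
            "From: <sip:100@198.51.100.10>\r\nTo: <sip:100@198.51.100.10>\r\n"
            f"User-Agent: {ua}\r\n\r\n")

# Constructed sample, not taken from a real capture.
SAMPLE = [
    ("203.0.113.7:5071", _msg("OPTIONS", "friendly-scanner")),
    ("203.0.113.7:5071", _msg("REGISTER", "friendly-scanner")),
    ("192.0.2.20:5060", _msg("REGISTER", "ExamplePhone 1.0")),
    ("203.0.113.7:5071", _msg("REGISTER", "friendly-scanner")),
]

if __name__ == "__main__":
    for source, counts in flag_user_agents(SAMPLE).items():
        for (method, ua), n in counts.items():
            print(f"{source}  {method:<8}  {ua}  x{n}")
```

The per-source, per-method counts mirror the Source, Method and Msgs columns on the main screen, so a flagged source can be found in sngrep with F7 Filter.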

Registration

image

image

Registration Expanded

image

image

Call Setup

image

image

Invite

image

200 OK

image

Call Completed

image

image

F7 Filter

image

F8 Settings

Interface

image

EEP/HEP HOMER

image

Call Flow

image

Capture

image