Skip to content

Example: AVAYA Logs

Jump to bottom
Lorenzo Mangani edited this page Aug 22, 2017 · 6 revisions

AVAYA Logs

This example recipe will convert Avaya SM Application logs to SIP/HEP-JSON format, shipped to a HEP Capture Server via output_hep module, and designed for cases where encrypted communication is unavailable off-the-wire.

Status
  • Working Alpha: testers welcome!

Dependencies

paStash needs the optional filter_app_avaya and moment modules installed in order to use this recipe.

# git clone https://github.com/sipcapture/paStash
# cd paStash/
# npm install
# npm install moment

Recipe

input {
  file {
    path => "/var/log/your_avaya_log.log"
    #    start_index => 0
  }
}

filter {
  app_avaya {}
}

output {
  if [rcinfo] != 'undefined' {
        hep {
          host => '127.0.0.1'
          port => 9060
          hep_id => 2222
          hep_type => 1
        }
  }
}

Usage

./bin/pastash --config_file=/path/to/pastash_avaya.conf

Reference

Aug 22 10:24:11 hostname local2 AasSipMgr[25607]: +02:00 2017 584 1 com.avaya.asm | 1 com.avaya.asm  SIPMSGT #012--------------------#01222/08/2017 10:24:11.584 <-- #012#011octets: 565, Body Length: 0#012#011ingress: { L10.0.0.1:44364/R10.0.0.2:15061/TLS/0xa }#012#011egress: { L10.0.0.3:5061/R10.0.0.4:56975/TLS/0x14 }#012#011APMsgContext: {#012#011#011OOD Req: false, TH: true, instance: true, isSIPS req'd: false, closeOnSend: false, targeted: true, loose target: false, DNS pending: false, toSD: false, flow token: "20", resp retries: 0, req retries: 0,#012#011#011FGMbrInstance: { <undefined> }#012#011#011FailedAssetListener: { <undefined> }#012#011#011APTarget: { Listener: { 10.0.0.2:5061 }, UID: 0 }#012#011}#012--------------------#012SIP/2.0 200 OK#015#012Call-ID: 608040fb_15e090aba3d#015#012CSeq: 463566 OPTIONS#015#012From: <sip:10.0.0.1:5060>;tag=592661102#015#012To: <sip:10.0.0.3:5061;sn=ASM1>;tag=03477566981702018_local.1493292998168_6091976_6095397#015#012Via: SIP/2.0/TLS 10.0.0.3:5061;branch=z9hG4bK-103d4d4-f6f75c29-400f8a53-0x7fdd70292
Aug 22 10:24:11 hostname local2 AasSipMgr[25607]: +02:00 2017 584 1 com.avaya.asm | 1 com.avaya.asm  SIPMSGT+ 380#015#012Record-Route: <sip:someuser@10.0.0.3;lr;transport=TLS>#015#012Av-Global-Session-ID: 468c7cf0-8713-11e7-938b-00505690a070#015#012Server: AVAYA-SM-7.0.1.2.701230#015#012Contact: <sip:10.0.0.3:5061;transport=tls;sn=ASM1>;+av-sci#015#012Content-Length: 0#015#012#015#012#012--------------------
PaStash
Distribution
Logging
Examples
HEP+VoIP Examples
Clone this wiki locally