Yeah, its for troubleshooting, but I suspect people will use it for charging. Hisham 2009/3/27 Hadriel Kaplan <HKaplan@xxxxxxxxxxxxxx>: > > If the purpose of it is troubleshooting, or threat analysis type stuff, I think the following format satisfies the needs as well: > http://wiki.wireshark.org/Development/LibpcapFileFormat > > The advantages: > 1) There's running code > 2) There's open source, on all operating systems, and also for commercial use > 3) It's used by many people > 4) There are many tools which accept/process it > 5) It's fast to write/save > 6) It supports a sub-second timestamp > 7) It supports length encoding of packets, so you can skip past them > 8) It supports truncated saving of packets, so you don't have to save all of very big ones > 9) It records the method name or response code very early in the saved log entry for each packet > > Disadvantages: > 1) Nothing much new to specify, except to document it? > 2) It's a little tricky for SIP/TLS, where you basically have to create fake segments/packets for the low layers, and same may be true for SIP/TCP depending on when you record the log > 3) It doesn't provide a way to report internal system events/actions/info (although we could fix that) > 4) Afaik, there is no specific remote push/streaming mechanism for it defined (there was an attempt at it, but not final) > > -hadriel > >> -----Original Message----- >> From: sipping-bounces@xxxxxxxx [mailto:sipping-bounces@xxxxxxxx] On Behalf >> Of Vijay K. Gurbani >> Sent: Wednesday, March 25, 2009 10:58 PM >> >> Adam Roach wrote: >> > In the spirit of "send text," I've put together a straw-man proposal for >> > an easy-to-generate and fast-to-process extensible format for saving SIP >> > log messages: >> > >> > http://www.ietf.org/internet-drafts/draft-roach-sipping-clf-syntax- >> 00.txt >> [...] >> >> Adam: Essentially you are advocating for a table-of-content >> type of approach where you read the ToC and index straight >> to where you want to go. I have worked on SIP parsers >> designed this way. >> >> The parsing is optimized, yes, when compared to the ASCII >> version -- though perl can do wonders, but not to outperform >> binary parsing. The disadvantage is that you loose readability >> and would need specialized tools to, say, grep through such >> a file. >> >> It will be interesting to see what others think... >> >> Thanks, >> >> - vijay >> -- >> Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent >> 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60566 (USA) >> Email: vkg@{alcatel-lucent.com,bell-labs.com,acm.org} >> Web: http://ect.bell-labs.com/who/vkg/ >> _______________________________________________ >> Sipping mailing list https://www.ietf.org/mailman/listinfo/sipping >> This list is for NEW development of the application of SIP >> Use sip-implementors@xxxxxxxxxxxxxxx for questions on current sip >> Use sip@xxxxxxxx for new developments of core SIP > _______________________________________________ > Sipping mailing list https://www.ietf.org/mailman/listinfo/sipping > This list is for NEW development of the application of SIP > Use sip-implementors@xxxxxxxxxxxxxxx for questions on current sip > Use sip@xxxxxxxx for new developments of core SIP > _______________________________________________ Sipping mailing list https://www.ietf.org/mailman/listinfo/sipping This list is for NEW development of the application of SIP Use sip-implementors@xxxxxxxxxxxxxxx for questions on current sip Use sip@xxxxxxxx for new developments of core SIP
