My application uses the SIP protocol and I wanted to have a real-time packet analyzer for it. I found that Packetbeat could be the perfect fit, but unfortunately it doesn't support SIP in the listed set of protocols.
Is there any way I can still capture the packets in binary form using Packetbeat and then write them to a file/Kafka, which I can later pick up and decode, without modifying the source code of Packetbeat?
Thank you, I appreciate the quick reply.
@sarathtv Packetbeat provides some support for SIP data. Curious if the fields here would meet your needs? SIP fields | Packetbeat Reference [8.6] | Elastic
Oh, that's awesome! I guess SIP was not there when I last checked the documentation. This would suffice for my needs regarding SIP. Also, the other point that warkolm mentioned remains true: I can't use it just for capturing any other unsupported protocols in binary form. Thanks.