sniffing SIP caller ID traffic

Background: I recently took over the administration for a small company that has a Cisco Unified Call Manager in place.  I have little exposure to this product.  The phones at the desk are 7692 VOIP phones.  Their data network is 192.168.x.x and their voice traffic is on the 10.x.x.x network.

Problem: We want to see if we can pull SIP Caller ID information and export it to a database for use with a customer service application.  They want to be able to 'pop' caller information to the support rep real time.  They don't want to use the Cisco product that covers this solution due to the cost so I've been tasked with researching a cheaper 3rd party solution to this.

Potential Solution: I'm considering buying cheap hubs to install at each customer rep desks and then adding another NIC to their workstation to sniff traffic.  Then I would hire a programmer to write a program that would sniff packet(s) that contains the caller Id information (I am calling our SIP provider for this information) for export into their customer service database.

My question:  Has anyone done this?  Does this sound like it would work?
GDavis193Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

José MéndezCommented:
It sounds a little over killed. Why not configuring your topology so that when meeting the right conditions, calls are routed to a server running OpenSIPS for example, where you can do all sorts of things with the SIP signaling, then OpenSIPS would return the call back to CallManager and deliver it to the phone representative.

www.opensips.org
0
GDavis193Author Commented:
I have very limited experience with the Call Manager from Cisco so this routing of packets to an OpenSIPS box would be above my pay grade.  Something on the desk side end would allow me to troubleshoot and fix issues as we implement w/o taking down their entire call system.
0
Frank MayerTechnical Voip SupportCommented:
Hi,
there should be logfiles for the Callmanger which are generated. It should be possible to
parse them and send a notification to your desired PC. Or you enable a Syslogserver where the Callmanager sends its notification which you can analyze.
Same is true for SNMP. Then you need a description about the supported SNMP notifications and perhaps you can retrieve the desired data.
Perhaps you dont need hubs, when your switch has a Mirrorport built in.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

José MéndezCommented:
Yohei's idea is good. You have the possibility to off load the callmanager traces to an FTP automatically through RTMT, and you can define the type of information to be logged in the traces.

The problem is that traces are far from being real time. And besides, you turn a flexible troubleshooting tool into a production feature. Can't even start imagining the implications of it.

You may try installing Blink (icanblink.com) which is a softphone and has excellent SIP logging capabilities, share the line with the real phone, and have the programmer parse Blink's log for caller ID information. The phone would be used only as a logging entity. Even further, your programmer may develop a third party SIP phone that can register to CUCM and share the desk phone's line, and run in your users computer, so that when it receives a call, it will be answered from the desk phone but the SIP client in the PC will have already gone to the database and picked up the data to display on screen based on the incoming call received.

I still think we are doing it wrong, we could do it from the server side instead. But I wont oppose though.
0
mikedaddyCommented:
I would setup a Mirrorport to dump my LAN side of the cisco call manager to a port. Plug that port into a Linux machine and run some perl code to realtime parse out ngrep:
ngrep -W byline -d eth0 port 5060

Open in new window


The parsing would be the hardest part, but there's probably a lot of info on parsing SIP messages.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GDavis193Author Commented:
Appreicate the help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Voice Over IP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.