fibre-optical-Y2278P8.png

sipcmbeat

SIPCMBEAT collects plain-text SIP (RFC3261) traffic from the net and generates comprehensible aggregated SIP events that describe calls and registrations. The events comply to Elastic Common Schema (ECS), include custom SIP-specific extensions and can be used by applications building upon the popular Elastic Search database. There they can be further used for CDR post-processing and reconciliation, troubleshooting and most importantly security analytics and VoIP Fraud detection.

SIP

intuitive_labs_website_icons_1-59.png
intuitive_labs_website_icons_1-35.png
EmbeddedImage6.png
plain-gradient-maroon-pattern-background

EVOLUTION

SIPCMBEAT is based on a SIP stack developed to meet the goals of a security analytics probe. It aggregates SIP signaling in comprehensible events, filters unnecessary information, encrypts sensitive data, produces the events and sends them to ElasticSearch using  Elastic libbeat library. Further features include built-in web server, UDP/Tcp processing to accomodate the SIP stack, and throttling of recurrent patterns.

intuitive_labs_website_icons_1-58.png

RPM packages repository:

SOURCE

Find the source here.

LICENCE

SIPCMBEAT comes under source-available software licence agreement that permits non-commercial use of the software such as for trialing, experimenting, auditing, research, testing, evaluation and educational purposes. For any other purposes contact info@intuitivelabs.com.