base/bif/plugins/Zeek_SIP.events.bif.zeek¶

GLOBAL¶

Namespace: GLOBAL

Summary¶

Events¶

`sip_all_headers`: `event`	Generated once for all SIP headers from the originator or responder.
`sip_begin_entity`: `event`	Generated at the beginning of a SIP message.
`sip_end_entity`: `event`	Generated at the end of a SIP message.
`sip_header`: `event`	Generated for each SIP header.
`sip_reply`: `event`	Generated for SIP replies, used in Voice over IP (VoIP).
`sip_request`: `event`	Generated for SIP requests, used in Voice over IP (VoIP).

Detailed Interface¶

Events¶

sip_all_headers¶

Type: event (c: connection, is_orig: bool, hlist: mime_header_list)

Generated once for all SIP headers from the originator or responder.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Is_orig: Whether the headers came from the originator.
Hlist: All the headers, and their values

See also: sip_request, sip_reply, sip_header, sip_begin_entity, sip_end_entity

sip_begin_entity¶

Type: event (c: connection, is_orig: bool)

Generated at the beginning of a SIP message.

This event is generated as soon as a message’s initial line has been parsed.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Is_orig: Whether the message came from the originator.

See also: sip_request, sip_reply, sip_header, sip_all_headers, sip_end_entity

sip_end_entity¶

Type: event (c: connection, is_orig: bool)

Generated at the end of a SIP message.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Is_orig: Whether the message came from the originator.

See also: sip_request, sip_reply, sip_header, sip_all_headers, sip_begin_entity

sip_header¶

Type: event (c: connection, is_orig: bool, name: string, value: string)

Generated for each SIP header.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Is_orig: Whether the header came from the originator.
Name: Header name.
Value: Header value.

See also: sip_request, sip_reply, sip_all_headers, sip_begin_entity, sip_end_entity

sip_reply¶

Type: event (c: connection, version: string, code: count, reason: string)

Generated for SIP replies, used in Voice over IP (VoIP).

This event is generated as soon as a reply’s initial line has been parsed.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Version: The SIP version in use.
Code: The response code.
Reason: Textual details for the response code.

See also: sip_request, sip_header, sip_all_headers, sip_begin_entity, sip_end_entity

sip_request¶

Type: event (c: connection, method: string, original_URI: string, version: string)

Generated for SIP requests, used in Voice over IP (VoIP).

This event is generated as soon as a request’s initial line has been parsed.

See Wikipedia for more information about the SIP protocol.

C: The connection.
Method: The SIP method extracted from the request (e.g., REGISTER, NOTIFY).
Original_URI: The unprocessed URI as specified in the request.
Version: The version number specified in the request (e.g., 2.0).

See also: sip_reply, sip_header, sip_all_headers, sip_begin_entity, sip_end_entity