I was recently troubleshooting a Lync 2013 XMPP <-> Gmail issue and came across a great new addition to Snooper – the Flow Chart (call flow) window. As you can see in the image below, it is similar to Wireshark’s SIP flow tool, but is diagrammed right from ocslogger’s logs – no TLS decryption required!
To use the tool:
1. Gather your logs in ocslogger. If you don’t have the 2013 debugging tools installed, you can get them here.
2. Click “Analyze” to launch Snooper
3. In either “Messages” or “Trace” view, click on the new call flow icon, highlighted in yellow
4. Presto! A nicely laid out SIP call flow.
Aside from the overview, you have options to include timestamps and merge (semi) redundant SIP message – if you’ve troubleshot collocated mediation servers in the past this is a great way to minimize the clutter of the flow.
The tool is great for troubleshooting on your own, but even better when conveying complex topologies and call flow to customers or colleagues. In heterogeneous environments a visual aid like this can save hours of explanation and finger-pointing. I have yet to try it, but I’d expect the tool to work on any UCMA application, including Exchange UM (2010 SP1 + higher) and custom applications.
Nice work Snooper team!