Trace Reading with TranslatorX

Kenichi Ogami · ‎01-24-2017

TranslatorX is a tool to help analyze logs from Cisco Unified Communications Manager (CUCM) and other devices.

Here is a list of logs that can be decoded using this tool.

1. CUCM (Cisco CallManager traces: SIP, H.323, Q931, MGCP, SCCP
2. Voice Gateway debugs (debug ccsip message, debug isdn q931): SIP, Q931
3. VCS / Expressway (Diagnostics Log): SIP, H.323
4. Jabber (Problem Report): SIP
5. CWMS (wbxXXXX_sip.log from Infocap): SIP *Unsupported

Below you can find more detailed information about TranslatorX and some examples for how to use it.

TranslatorX

http://www.translatorx.org/

Collecting CUCM Traces

https://supportforums.cisco.com/document/126666/collecting-cucm-traces-cucm-862-tac-sr

Loading trace files into TranslatorX

https://supportforums.cisco.com/document/13209866/loading-trace-files-translatorx

Displaying call flow sequence diagrams in TranslatorX

https://supportforums.cisco.com/document/13209921/displaying-call-flow-sequence-diagrams-translatorx

Using filters in TranslatorX

https://supportforums.cisco.com/document/13209906/using-filters-translatorx

Displaying a list of calls in TranslatorX

https://supportforums.cisco.com/document/13209911/displaying-list-calls-translatorx

cis-admins · ‎06-17-2019

Great information and very helpful. I was able to interpret the logs as saying that a real number on our internal network was calling out repeatedly(in rapid succession) to an fake external phone number and in another case a fake number was repeatedly calling an internal number on our network. So what are my options to keep this from happening other than blocking the individual fake number? Is it a attack on my phone networking? Is it an attempt to get in or disrupt my service similar to a dos attack?