SS7 traffic trace and capture



What kind of tools are you using for SS7 and Sigtran traffic capture?

Can you please also provide any capture examples?

For asterisk with there is an embedded “ss7 dump start” command, however that is missing in



You can try wireshark, ngrep?


The problem is that wireshark, ngrep is capturing tcp, udp, sctp but not mtp, isup

In case that you know a way to capture ss7 traffic with them please provide examples, thx


Sorry for late response. You can capture ss7 or any other protocol using wireshark and other sniffers
Here, check this out to do with wireshark


You can analyze with wireshark, but you need support from the protocol stack to capture.


Thank you for replies, I should gave more details,

I have HPE servers with Digium TE420/TE820 cards,

How can I specify for sniffers to listen from that specific cards ?

“any” option is not working, as it listen only from network interfaces


Here maybe I am wrong but Digium cards use T1 lines whereas Ethernet uses a different line.
Sniffers are meant to work with Ethernet cards only. So, I don’t think it will work as the protocols vary


Yes, you are right

I’ve opened the topic in order to understand if there are any tools for capturing SS7 traffic from E1/T1 streams

Besides the embedded asterisk command “ss7 dump start” I couldn’t find any