Hello:
am attempting to write a local decoder for Asterisk and cannot get the syntax
correct. The log line appears as:
[Dec 10 19:47:47] NOTICE[23927][C-00000013] chan_sip.c: Call from ''
(NNN.NNN.NNN.NNN:9202) to extension 'NNNNNNNNNNNNN' rejected because extension
not found in context 'XXXXXXXXXXX'.
and I have tried the following decoder:
<decoder name="local-asterisk-registration">
<prematch>NOTICE[\d+] \S+: Call from \S+ \((\d+.\d+.\d+.\d+):\d+\) </prematch>
<regex offset="after_prematch">to extension \S+ rejected because extension
not found in context</regex>
<order>srcip</order>
</decoder>
this never matches and am wondering whether it is due to the '(' around the
source IP ?
Any help appreciated.
