1) Use tools like Wireshark to monitor the traffic.
2) Build Bitcoin Core from source, and add some monitoring capabilities, for example by writing suspicious messages to some file, and limiting that to the last N megabytes, to prevent flooding.
Edit: The second option is of course more dangerous, because it requires some coding skills, and you have to be careful not to break some features. But I think it is easier when you want to analyze something. For example, if you want to extract all z-values for all transactions, it is easier to attach to some code related to signature checking; then you can easily grab those values directly, without going through the whole procedure of making the right message and hashing that.
The same applies here: if you attach to some code that parses a received message, it will already be decrypted and will fit the Bitcoin protocol, so there will be no need to go through the whole encryption/decryption stuff that is related to handling onion nodes. You will get the raw values directly, inside some function, so you can just write them to some file to analyze them.
I can code C++ so that is not a problem, but I was just hoping that there would be a simpler solution to this as I have so much C++ work to do already.
Something like this code scaffold could be used to log the peer ID, the current timestamp, and the message in a single directory organized by peer id, with integer timestamps as the name.
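#include <ctime>
#include <fstream>
#include <string>
using namespace std;
// Forward declaration so the scaffold compiles on its own; CMessage is the name used in this post.
class CMessage;
namespace MessageLogger {
    // Someone tell me if this is the correct class for P2P messages
    void log(int peer_id, const CMessage& message) {
        char timestamp[128];
        time_t now = time(nullptr);
        // strftime takes the broken-down time as its fourth argument
        strftime(timestamp, sizeof(timestamp), "%Y-%m-%d %H:%M:%S", localtime(&now));
        /* ... */
    }
} // namespace MessageLogger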
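The "last N megabytes" limit from the first reply, as an added example (not code from this thread or from Bitcoin Core). The class name `CappedMessageLog`, the two-file rotation and the line format are assumptions chosen for illustration; where it would be called from inside the node is not shown.

```cpp
#include <cctype>
#include <cstdio>
#include <ctime>
#include <fstream>
#include <string>
#include <vector>

// Hypothetical helper (not Bitcoin Core code). Keeps at most max_bytes on disk in
// two files, <base>.0 (current) and <base>.1 (previous). Requires max_bytes >= 2.
class CappedMessageLog {
public:
    CappedMessageLog(const std::string& base, std::size_t max_bytes)
        : base_(base), half_(max_bytes / 2), written_(size_of(base + ".0")) {}

    // One line per message: unix time, peer id, command, hex payload.
    void log(int peer_id, const std::string& command,
             const std::vector<unsigned char>& payload) {
        std::string line = std::to_string(static_cast<long long>(std::time(nullptr))) +
                           " " + std::to_string(peer_id) + " " + clean(command) +
                           " " + hex(payload) + "\n";
        // An oversized message is truncated so one peer cannot exceed the cap.
        if (line.size() > half_) { line.resize(half_); line.back() = '\n'; }
        if (written_ + line.size() > half_) rotate();
        std::ofstream out(base_ + ".0", std::ios::app | std::ios::binary);
        out << line;
        written_ += line.size();
    }
    // Peer-supplied text: anything outside [A-Za-z0-9] becomes '?', so a peer
    // cannot inject spaces or newlines that would forge log lines.
    static std::string clean(const std::string& s) {
        std::string r;
        for (unsigned char c : s) r += std::isalnum(c) ? static_cast<char>(c) : '?';
        return r;
    }
    static std::string hex(const std::vector<unsigned char>& data) {
        static const char* digits = "0123456789abcdef";
        std::string s;
        for (unsigned char b : data) { s += digits[b >> 4]; s += digits[b & 15]; }
        return s;
    }
    static std::size_t size_of(const std::string& path) {
        std::ifstream in(path, std::ios::binary | std::ios::ate);
        return in ? static_cast<std::size_t>(in.tellg()) : 0;
    }
private:
    void rotate() {  // drop the older half, keep the newer one as <base>.1
        std::remove((base_ + ".1").c_str());
        std::rename((base_ + ".0").c_str(), (base_ + ".1").c_str());
        written_ = 0;
    }
    std::string base_; std::size_t half_, written_;
};
```

For N megabytes, pass `N * 1024 * 1024` as `max_bytes`; at any time the two files together hold at least the most recent half of that budget once the first rotation has happened.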