Skip to content

dnstap: log client requests + filter out internal queries

Pavel Doležal requested to merge dnstap-improvement into master

Currently Resolver's dnstap module in addition to client responses exports internal responses lacking IP addresses, ports etc. These responses probably shouldn't be exported. On the other hand client responses should also be accompanied by client requests. dnstap's specification defines which types of queries should resolvers export. From this specification there are 3 types of queries Knot Resolver could potentially export:

  • client
  • resolver
  • forwarder

This merge request updates configuration of Knot Resolver's dnstap module to properly include export of client queries (requests+responses) and eliminates export of the problematic internal queries. It also adds optional identity and version fields to the configuration.

The updated configuration of dnstap module looks like this:

modules = {
    dnstap = {
        socket_path = "/tmp/dnstap.sock",
        identity = "",
        version = "Knot Resolver major.minor.patch",
        client = {
            log_queries = true,
            log_responses = true
        }
    }
}
Edited by Vladimír Čunát

Merge request reports