Rename Extract/response_payload into dns_payload (#281)

* adds: [logger] raw DNS response * chg: [doc] adds response_payload directive * chg: [transformer] extract transformer in place of response_payload directive * chg: [doc] restore * chg: [transformers] extract - rename response_payload to dns_payload
dmachard · Apr 21, 2023 · b3eba9b · b3eba9b
1 parent 362621b
commit b3eba9b
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 7 deletions.
diff --git a/config.yml b/config.yml
@@ -54,7 +54,7 @@ global:
   # - edns-csubnet: client subnet
   # - df: ip defragmentation flag
   # - tr: tcp reassembled flag
-  # - response_payload: base64-encoded raw DNS response payload
+  # - dns_payload: base64-encoded raw DNS payload
   text-format: "timestamp-rfc3339ns identity operation rcode queryip queryport family protocol length qname qtype latency"
   # default text field delimiter
   text-format-delimiter: " "

diff --git a/dnsutils/message.go b/dnsutils/message.go
@@ -174,7 +174,7 @@ type DnsMessage struct {
 }
 
 type Extracted struct {
-	Base64Payload []byte `json:"response_payload" msgpack:"response_payload"`
+	Base64Payload []byte `json:"dns_payload" msgpack:"dns_payload"`
 }
 
 func (dm *DnsMessage) Init() {

diff --git a/doc/transformers.md b/doc/transformers.md
@@ -265,20 +265,19 @@ Example of DNS messages in text format
 
 ### Extract
 
-Use this transformer to extract the raw response payload encoded in base64:
+Use this transformer to extract the raw dns payload encoded in base64:
 
 Options:
-- `add-payload`: (boolean) add base64 encoded response payload
+- `add-payload`: (boolean) add base64 encoded dns payload
 
 ```yaml
 transforms:
   extract:
     add-payload: true
 ```
 
-When the feature is enabled, an "extracted" field appears in the DNS message and is populated with a "response_payload" field:
+When the feature is enabled, an "extracted" field appears in the DNS message and is populated with a "dns_payload" field:
 
 ```
-{"network":{"family":"IPv4","protocol":"UDP","query-ip":"10.1.0.123","query-port":"56357","response-ip":"10.7.0.252","response-port":"53","ip-defragmented":false,"tcp-reassembled":false},"dns":{"length":63,"opcode":0,"rcode":"NOERROR","qname":"orange-sanguine.fr","qtype":"A","flags":{"qr":true,"tc":false,"aa":false,"ra":true,"ad":false},"resource-records":{"an":[{"name":"orange-sanguine.fr","rdatatype":"A","ttl":21600,"rdata":"193.203.239.81"}],"ns":[],"ar":[]},"malformed-packet":false},"edns":{"udp-size":1232,"rcode":0,"version":0,"dnssec-ok":0,"options":[]},"dnstap":{"operation":"CLIENT_RESPONSE","identity":"dns-collector","version":"-","timestamp-rfc3339ns":"2023-04-19T11:23:56.018192608Z","latency":"0.000000"},"extracted":{"response_payload":"P6CBgAABAAEAAAABD29yYW5nZS1zYW5ndWluZQJmcgAAAQABwAwAAQABAABUYAAEwcvvUQAAKQTQAAAAAAAA"}}
-
+{"network":{"family":"IPv4","protocol":"UDP","query-ip":"10.1.0.123","query-port":"56357","response-ip":"10.7.0.252","response-port":"53","ip-defragmented":false,"tcp-reassembled":false},"dns":{"length":63,"opcode":0,"rcode":"NOERROR","qname":"orange-sanguine.fr","qtype":"A","flags":{"qr":true,"tc":false,"aa":false,"ra":true,"ad":false},"resource-records":{"an":[{"name":"orange-sanguine.fr","rdatatype":"A","ttl":21600,"rdata":"193.203.239.81"}],"ns":[],"ar":[]},"malformed-packet":false},"edns":{"udp-size":1232,"rcode":0,"version":0,"dnssec-ok":0,"options":[]},"dnstap":{"operation":"CLIENT_RESPONSE","identity":"dns-collector","version":"-","timestamp-rfc3339ns":"2023-04-19T11:23:56.018192608Z","latency":"0.000000"},"extracted":{"dns_payload":"P6CBgAABAAEAAAABD29yYW5nZS1zYW5ndWluZQJmcgAAAQABwAwAAQABAABUYAAEwcvvUQAAKQTQAAAAAAAA"}}
 ```