From ccd822b44ccabfee967ee035d7d9ee83fb3d3da0 Mon Sep 17 00:00:00 2001 From: dmachard <5562930+dmachard@users.noreply.github.com> Date: Fri, 24 Feb 2023 12:22:07 +0100 Subject: [PATCH] dnstap collector: add version --- README.md | 6 +++--- collectors/dnstap_processor.go | 4 ++++ dnsutils/message.go | 4 ++++ doc/configuration.md | 1 + doc/dnsjson.md | 1 + 5 files changed, 13 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5da17426..a022912b 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ Additionally, DNS-collector also contains DNS parser with [`EDNS`](doc/dnsparser **Collectors**: - *Listen for logging traffic with streaming network protocols* - - [`DNStap`](doc/collectors.md#dns-tap) with `tls`, `tcp` or `unix` support and [`proxifier`](doc/collectors.md#dns-tap-proxifier) - - [`PowerDNS`](doc/collectors.md#protobuf-powerdns) streams with full [`support`](doc/powerdns.md) - - [`TZSP`](doc/collectors.md#tzsp)(TaZmen Sniffer Protocol) support + - [`DNStap`](doc/collectors.md#dns-tap) with `tls`|`tcp`|`unix` transports support and [`proxifier`](doc/collectors.md#dns-tap-proxifier) + - [`PowerDNS`](doc/collectors.md#protobuf-powerdns) streams with [`full`](doc/powerdns.md) support + - [`TZSP`](doc/collectors.md#tzsp) protocol support - *Live capture on a network interface* - [`AF_PACKET`](doc/collectors.md#live-capture-with-af_packet) socket with BPF filter - [`eBPF XDP`](doc/collectors.md#live-capture-with-ebpf-xdp) ingress traffic diff --git a/collectors/dnstap_processor.go b/collectors/dnstap_processor.go index f325b2c5..e1fbd773 100644 --- a/collectors/dnstap_processor.go +++ b/collectors/dnstap_processor.go @@ -127,6 +127,10 @@ func (d *DnstapProcessor) Run(sendTo []chan dnsutils.DnsMessage) { if len(identity) > 0 { dm.DnsTap.Identity = string(identity) } + version := dt.GetVersion() + if len(identity) > 0 { + dm.DnsTap.Version = string(version) + } dm.DnsTap.Operation = dt.GetMessage().GetType().String() dm.NetworkInfo.Family = dt.GetMessage().GetSocketFamily().String() diff --git a/dnsutils/message.go b/dnsutils/message.go index 93c65449..4bd52643 100644 --- a/dnsutils/message.go +++ b/dnsutils/message.go @@ -124,6 +124,7 @@ type DnsExtended struct { type DnsTap struct { Operation string `json:"operation" msgpack:"operation"` Identity string `json:"identity" msgpack:"identity"` + Version string `json:"version" msgpack:"version"` TimestampRFC3339 string `json:"timestamp-rfc3339ns" msgpack:"timestamp-rfc3339ns"` Timestamp float64 `json:"-" msgpack:"-"` TimeSec int `json:"-" msgpack:"-"` @@ -180,6 +181,7 @@ func (dm *DnsMessage) Init() { dm.DnsTap = DnsTap{ Operation: "-", Identity: "-", + Version: "-", TimestampRFC3339: "-", LatencySec: "-", } @@ -362,6 +364,8 @@ func (dm *DnsMessage) Bytes(format []string, delimiter string) []byte { s.WriteString(ts.Format("2006-01-02 15:04:05.999999999")) case directive == "identity": s.WriteString(dm.DnsTap.Identity) + case directive == "version": + s.WriteString(dm.DnsTap.Version) case directive == "operation": s.WriteString(dm.DnsTap.Operation) case directive == "rcode": diff --git a/doc/configuration.md b/doc/configuration.md index 7067e2ca..7c420d0e 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -69,6 +69,7 @@ Default directives: - `timestamp-unixns`: unix timestamp with nano support - `localtime`: local time - `identity`: dnstap identity +- `version`: dnstap version - `operation`: dnstap operation - `opcode`: dns opcode (integer) - `rcode`: dns return code diff --git a/doc/dnsjson.md b/doc/dnsjson.md index d9613c8a..950db198 100644 --- a/doc/dnsjson.md +++ b/doc/dnsjson.md @@ -69,6 +69,7 @@ Example: "dnstap": { "operation": "CLIENT_RESPONSE", "identity": "dnsdist1", + "version": "-", "timestamp-rfc3339ns": "2021-12-27T14:33:44.559002118Z", "latency": "0.014617" }