[nsd-users] DNSTAP with NSD 4.2.4
greg.bock at stackpath.com
Thu Jan 23 19:21:38 UTC 2020
> I installed NSD version 4.2.4 and configured it with dnstap enabled.
> Here's the dnstap portion from both my nsd.conf
> # set this to yes and set one or more of dnstap-log-..-messages to yes.
> dnstap-enable: yes
> dnstap-socket-path: "/var/run/dnstap.sock"
> dnstap-send-identity: no
> dnstap-send-version: no
> # dnstap-identity: ""
> # dnstap-version: ""
> dnstap-log-auth-query-messages: yes
> dnstap-log-auth-response-messages: yes
> I started a fstrm_capture listener before I started the nsd-control and it created the dnstap.sock in the right directory as necessary with this: sudo fstrm_capture -t protobuf:dnstap.Dnstap -u /var/run/dnstap.sock -w /home/USERNAME/FOLDER/FILENAME.dnstap
> I am not sure what I am missing. When I try to read this FILENAME.dnstap file I still don't see any output.
> There are no errors pertaining to nsd in syslog either.
What are ownership and permissions on /var/run/dnstap.sock? I would guess that the user NSD is running as does not have permissions to write to the socket.
More information about the nsd-users