[nsd-users] DNSTAP with NSD 4.2.4

Greg Bock greg.bock at stackpath.com
Thu Jan 23 19:21:38 UTC 2020

> Hello,
> I installed NSD version 4.2.4 and configured it with dnstap enabled.
> Here's the dnstap portion from both my nsd.conf
> dnstap:
>         # set this to yes and set one or more of dnstap-log-..-messages to yes.
>         dnstap-enable: yes
>         dnstap-socket-path: "/var/run/dnstap.sock"
>         dnstap-send-identity: no
>         dnstap-send-version: no
>         # dnstap-identity: ""
>         # dnstap-version: ""
>         dnstap-log-auth-query-messages: yes
>         dnstap-log-auth-response-messages: yes
> I started a fstrm_capture listener before I started the nsd-control and it created the dnstap.sock in the right directory as necessary with this: sudo fstrm_capture -t protobuf:dnstap.Dnstap -u /var/run/dnstap.sock -w /home/USERNAME/FOLDER/FILENAME.dnstap
> I am not sure what I am missing. When I try to read this FILENAME.dnstap file I still don't see any output.
> There are no errors pertaining to nsd in syslog either.

What are ownership and permissions on /var/run/dnstap.sock? I would guess that the user NSD is running as does not have permissions to write to the socket. 

More information about the nsd-users mailing list