From 1852910ef0fd7393da62b88aee66ee092208748e Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 27 Apr 2024 12:41:58 +0200
Subject: Adding upstream version 5.3.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 modules/dnstap/README.rst | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 modules/dnstap/README.rst

(limited to 'modules/dnstap/README.rst')

diff --git a/modules/dnstap/README.rst b/modules/dnstap/README.rst
new file mode 100644
index 0000000..575aa3d
--- /dev/null
+++ b/modules/dnstap/README.rst
@@ -0,0 +1,34 @@
+.. SPDX-License-Identifier: GPL-3.0-or-later
+
+.. _mod-dnstap:
+
+Dnstap (traffic collection)
+===========================
+
+The ``dnstap`` module supports logging DNS requests and responses to a unix
+socket in `dnstap format <https://dnstap.info>`_ using fstrm framing library.
+This logging is useful if you need effectivelly log all DNS traffic.
+
+The unix socket and the socket reader must be present before starting resolver instances.
+
+Tunables:
+
+* ``socket_path``: the unix socket file where dnstap messages will be sent
+* ``identity``: identity string as typically returned by an "NSID" (RFC 5001) query, empty by default
+* ``version``: version string of the resolver, defaulting to "Knot Resolver major.minor.patch"
+* ``client.log_queries``: if ``true`` queries from downstream in wire format will be logged
+* ``client.log_responses``: if ``true`` responses to downstream in wire format will be logged
+
+.. code-block:: lua
+
+    modules = {
+        dnstap = {
+            socket_path = "/tmp/dnstap.sock",
+            identity = nsid.name() or "",
+            version = "My Custom Knot Resolver " .. package_version(),
+            client = {
+                log_queries = true,
+                log_responses = true,
+            },
+        }
+    }
-- 
cgit v1.2.3