dnstapmq - Capture, display, and relay Dnstap data.
dnstap [ -u socket-path [ -u socket2-path
... ] ]
[ -l host:port [ -l
host2:port2 ... ] ]
[ -r file [ -r file2
... ] ]
[ -U socket-path [ -U
socket2-path ... ] ]
[ -T host:port [ -T
host2:port2 ... ] ]
[ -w file ] [ -q | -y | -j | -m]
[-a]
[ -t timeout ]
dnstap reads data in the Dnstap export format from Frame Streams files or receives data on Frame Streams connections to TCP/IP or unix domain socket addresses. dnstap can display this data in a compact text (the default), JSON, or YAML formats. It can also save data to a file in display or Frame Streams binary format, or relay the data to other Dnstap processes over unix domain socket or TCP/IP connections.
When opening an file (-w) for text format output (-j, -q, or -y), append to the file rather truncating.
-a does not apply when writing binary Frame Streams data to a file.
Write data in message_question format, a tab-separated format where only query names are shown.
At most one text format (-j, -q, or -y) option may be given.
-j Write data in JSON format. Encapsulated DNS messages are rendered in text form similar to the output of dig(1).
Listen for Dnstap data on TCP/IP port port on address host.
The -l option may be given multiple times to listen on multiple addresses.
At least one input (-l, -r, or -u) option must be given.
Write or display data in compact (quiet) text format.
At most one text format (-j, -q, or -y) option may be given.
Read Dnstap data from the given file. The -r option may be given multiple times to read from multiple files.
At least one input (-l, -r, or -u) option must be given.
Relay Dnstap data over a TCP/IP connection to host:port. dnstap will establish or re-establish this connection as needed.
The -T option may be given multiple times to relay Dnstap data to multiple addresses.
Apply i/o timeout to TCP/IP and unix domain socket connections. timeout is given as a number followed by a unit abbreviation (e.g., ms for milliseconds, s for seconds, m for minutes).
Listen for Dnstap data on the unix domain socket at socket-path. dnstap will remove any file or socket socket-path before listening.
The -u option may be given multiple times to listen on multiple socket paths.
At least one input (-l, -r, or -u) option must be given.
Relay Dnstap data over a unix domain socket connection to socket-path. dnstap will establish or re-establish this connection as needed.
The -U option may be given multiple times to relay Dnstap data to multiple socket paths.
Write Dnstap data to file.
If file is "-" or no -w, -T, or -U output options are present, data will be written to standard output in quiet text format (-q), unless the YAML or JSON format is specified with the -y or -j options, respectively.
If file is a filename other than "-", Dnstap data is written to the named file in Frame Streams binary format by default, unless quiet text, JSON, or YAML formats are specified.
dnstap will reopen file on SIGHUP, for file rotation purposes.
Write Dnstap output in YAML format. Encapsulated DNS messages are rendered in text form similar to the output of dig(1).
At most one text format (-j, -q, or -y) option may be given.
Listen for Dnstap data from a local name server and print quiet text format to standard output.
dnstap -u /var/named/dnstap.sockListen for Dnstap data from a local name server, save a local binary copy, and relay it to a remote host over TCP.
dnstap -u /usr/local/unbound/dnstap.sock -w dnstap.fstrm \
-T dns-admin.example.com:5353dnstapmq-1.0 released 2023-12-19
dig(1)