[dnstap] Python sample to read DNSTAP log or from UNIX socket

joff.thyer at cybercovenant.com
Thu May 30 23:53:34 UTC 2019


This is totally version 0.0.1 but I have written some Python to parse through a frame stream created log.

https://github.com/yoda66/DNSTAP-FrameStream-Python


Joff
On May 29, 2019, 5:52 PM -0400, Chris Mikkelson <cmikk at fsi.io>, wrote:
> On Wed, May 29, 2019 at 05:45:34PM -0400, joff.thyer at cybercovenant.com wrote:
> > Chris,
> > Having read a little, I have a quick POC Python script to read through
> > and identify Control versus Data frames in the stream. Before parsing
> > with protobuf, would the idea be to assemble all of the data frames
> > into one large buffer and then parse with “ParseFromString()” or
> > intuitively I would have thought one data frame at a time.
>
> The latter is correct: each data frame corresponds to one Dnstap message,
> and the data frame's content should be suitable input for ParseFromString().
>
> --
> Chris Mikkelson
> Sr. Distributed Systems Engineer
> Farsight Security, Inc.
> cmikk at fsi.io
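
The per-frame handling discussed in this thread, as an added example that is not part of the original post or of the linked repository: a reader that separates Frame Streams control frames from data frames and yields each data payload on its own, ready to be passed individually to `ParseFromString()`. The wire layout (zero-length escape, control type codes, content-type field, 512-byte control limit) is taken from the Frame Streams protocol rather than from this page; the function names, the 1 MiB data cap and the sample bytes are assumptions made for the example.

```python
import io
import struct

CONTROL_TYPES = {1: "ACCEPT", 2: "START", 3: "STOP", 4: "READY", 5: "FINISH"}
MAX_CONTROL_LEN = 512  # Frame Streams limit on control frame size

def read_exact(stream, n):
    buf = stream.read(n)
    if len(buf) != n:
        raise EOFError(f"truncated stream: wanted {n} bytes, got {len(buf)}")
    return buf

def content_types(fields):  # (type, length, value) fields after the control type
    found, off = [], 0
    while off < len(fields):
        if len(fields) - off < 8:
            raise ValueError("truncated control field header")
        ftype, flen = struct.unpack_from("!II", fields, off)
        if ftype != 1 or flen > len(fields) - off - 8:  # 1 = CONTENT_TYPE field
            raise ValueError("malformed control field")
        found.append(fields[off + 8:off + 8 + flen])
        off += 8 + flen
    return found

def read_frames(stream, max_data_len=1 << 20):
    """Yield ("control", name, content_types) or ("data", payload) tuples."""
    while True:
        head = stream.read(4)
        if not head:
            return  # clean end of stream
        head += read_exact(stream, 4 - len(head))  # partial length prefix raises
        (length,) = struct.unpack("!I", head)
        if length == 0:  # escape: a control frame follows
            (clen,) = struct.unpack("!I", read_exact(stream, 4))
            if not 4 <= clen <= MAX_CONTROL_LEN:
                raise ValueError(f"bad control frame length {clen}")
            body = read_exact(stream, clen)
            name = CONTROL_TYPES.get(struct.unpack_from("!I", body)[0], "UNKNOWN")
            yield ("control", name, content_types(body[4:]))
        elif length > max_data_len:  # assumed local cap against hostile lengths
            raise ValueError(f"data frame length {length} exceeds cap")
        else:  # one data frame == one Dnstap message: parse each payload alone
            yield ("data", read_exact(stream, length))

def frames_from_bytes(data):
    return list(read_frames(io.BytesIO(data)))

# Constructed sample: START, two placeholder payloads (not real protobufs), STOP.
SAMPLE = (struct.pack("!IIIII", 0, 34, 2, 1, 22) + b"protobuf:dnstap.Dnstap"
          + b"\x00\x00\x00\x05msg-1\x00\x00\x00\x05msg-2" + struct.pack("!III", 0, 4, 3))
```

For a log file, pass a file opened in `"rb"` mode to `read_frames()`. On a UNIX socket the receiver must also answer the sender's READY with an ACCEPT control frame, which this reader does not send.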