[dnstap] Windows DNS ETW to dnstap interoperability
Fred Morris
m3047 at m3047.net
Mon May 25 20:01:58 UTC 2026
I'd love to know more! "I don't do windows", and what I personally use is
BIND, and it only writes to a file or a unix socket. That's a problem for
containerization, especially microkernels which only run one image. I've
wished since the beginning that it supported TCP. I don't view this as a
replacement, what I'm interested in is who / what are the consumers for
this (already built to consume fstrm over TLS)? I am familiar with SIE.
;-)
I don't know why you put fstrm in front of it. I seem to extract what I
need and then send that as multicast datagrams (JSONified in what I give
away publicly).
Feel free to contact me offlist (I'll give you a Trualias) or to hunt me
down on LinkedIn.
--
Fred Morris, internet plumber
On Mon, 25 May 2026, Stephen Vickers via dnstap wrote:
>
> Hi all,
> I’ve been working on a Windows DNS telemetry collector called DnsStream which captures DNS telemetry directly from the native
> Windows DNS server ETW provider and now emits standards-compatible dnstap over TCP/TLS using fstrm.
> [...]
More information about the dnstap
mailing list