Actually, for us peername would be better.
So generally speaking, any logging should reflect the source of the dnstap message (the connection peer) because that is usually the DNS server.
Having the DNS server - not the dnscollector server - as the source host in the centralised Splunk logs is very important.
(We plan to have 14 DNS appliances sending dnstap to one central location with about 40K queries per second.)
Similar to my other request #588.
In ./collectors/dnstap.go, there's a line peer := conn.RemoteAddr().String().
I'd also add a gethostbyname to get the hostname of the peer.
Unfortunately, I don't know enough about dnscollector's data structures and how that info would get accessed in a logger.
So, because it'd have to cater for multiple peer connections, I'd suggest it gets added to the dnstap message structure (dm).
Then by making those text-format directives available, loggers could use that data in the text-format.
e.g.
text-format: "timestamp-rfc3339ns peername operation rcode queryip queryport family protocol length qname qtype latency"
Is your feature request related to a problem? Please describe.
I need to be able to log the source of the dnstap message
Describe the solution you'd like
A new text-format directive
Describe alternatives you've considered
Overriding dnstap identity string
Additional context
None
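A sketch of the request above, added here as an illustration and not part of the original issue or of dnscollector's code: the peer is resolved once per connection from conn.RemoteAddr(), falls back to the IP when no PTR record exists, and is exposed to a text-format renderer. The Message struct, PeerName, Format and the "-" placeholder are hypothetical names and behaviour; the addresses and hostname are constructed sample data.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Message is a hypothetical stand-in for the collector's dnstap message (dm).
type Message struct{ PeerName, Operation, Rcode, QueryIP, Qname string }

// PeerName resolves the peer once per connection (not per message).
// lookup has the signature of net.LookupAddr; a missing PTR falls back to the IP.
func PeerName(remote net.Addr, lookup func(string) ([]string, error)) string {
	host, _, err := net.SplitHostPort(remote.String())
	if err != nil {
		return remote.String() // not host:port, e.g. a unix socket path
	}
	names, err := lookup(host)
	if err != nil || len(names) == 0 {
		return host
	}
	return strings.TrimSuffix(names[0], ".")
}

// Format renders a space-separated text-format; unknown or empty fields print "-".
func Format(textFormat string, m Message) string {
	fields := map[string]string{"peername": m.PeerName, "operation": m.Operation,
		"rcode": m.Rcode, "queryip": m.QueryIP, "qname": m.Qname}
	var out []string
	for _, d := range strings.Fields(textFormat) {
		v := fields[d]
		if v == "" {
			v = "-"
		}
		out = append(out, v)
	}
	return strings.Join(out, " ")
}

func main() {
	// Constructed sample data: a stub resolver with one PTR record.
	ptr := map[string][]string{"192.0.2.10": {"dns01.example.net."}}
	lookup := func(a string) ([]string, error) { return ptr[a], nil }
	peer := &net.TCPAddr{IP: net.ParseIP("192.0.2.10"), Port: 6000}
	m := Message{PeerName: PeerName(peer, lookup), Operation: "CLIENT_QUERY",
		Rcode: "NOERROR", QueryIP: "198.51.100.7", Qname: "example.org"}
	fmt.Println(Format("peername operation rcode queryip qname", m))
}
```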