diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log b/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log
new file mode 100644
index 0000000000..0523babdcd
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.dns.binds/dns.log
@@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	dns
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	trans_id	rtt	query	qclass	qclass_name	qtype	qtype_name	rcode	rcode_name	AA	TC	RD	RA	Z	answers	TTLs	rejected	auth	addl
+#types	time	string	addr	port	addr	port	enum	count	interval	string	count	string	count	string	count	string	bool	bool	bool	bool	count	vector[string]	vector[interval]	bool	set[string]	set[string]
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	10.87.3.74	51871	10.87.1.10	53	udp	27571	0.002004	example.net	1	C_INTERNET	65534	query-65534	0	NOERROR	T	F	T	T	2	BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal,BIND9 signing signal	0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000,0.000000	F	-	-
+#close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.binds/output b/testing/btest/Baseline/scripts.base.protocols.dns.binds/output
new file mode 100644
index 0000000000..9e60009463
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.dns.binds/output
@@ -0,0 +1,17 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+BINDS, [query=example.net, answer_type=1, algorithm=7, key_id=32018, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=5, key_id=2196, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=15, key_id=12994, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=16, key_id=23868, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=7, key_id=37611, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=8, key_id=9551, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=5, key_id=48254, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=8, key_id=33130, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=14, key_id=15141, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=10, key_id=41675, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=10, key_id=63711, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=13, key_id=65395, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=13, key_id=31400, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=14, key_id=60289, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=15, key_id=31000, removal_flag=0, complte_flag=\x01, is_query=0]
+BINDS, [query=example.net, answer_type=1, algorithm=16, key_id=40187, removal_flag=0, complte_flag=\x01, is_query=0]
diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log b/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log
index 20c5e818c9..5cb0f62ae5 100644
--- a/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log
+++ b/testing/btest/Baseline/scripts.base.protocols.dns.wks/dns.log
@@ -7,5 +7,5 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	trans_id	rtt	query	qclass	qclass_name	qtype	qtype_name	rcode	rcode_name	AA	TC	RD	RA	Z	answers	TTLs	rejected	auth	addl
 #types	time	string	addr	port	addr	port	enum	count	interval	string	count	string	count	string	count	string	bool	bool	bool	bool	count	vector[string]	vector[interval]	bool	set[string]	set[string]
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	10.87.3.18	60059	10.87.1.10	53	udp	63119	-	zeek.example.net	1	C_INTERNET	11	WKS	0	NOERROR	F	F	T	F	2	-	-	F	-	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	10.87.3.18	60059	10.87.1.10	53	udp	63119	0.001993	zeek.example.net	1	C_INTERNET	11	WKS	0	NOERROR	T	F	T	T	2	-	-	F	-	-
 #close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/Baseline/scripts.base.protocols.dns.wks/output b/testing/btest/Baseline/scripts.base.protocols.dns.wks/output
index 49d861c74c..52ce957a48 100644
--- a/testing/btest/Baseline/scripts.base.protocols.dns.wks/output
+++ b/testing/btest/Baseline/scripts.base.protocols.dns.wks/output
@@ -1 +1,2 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+WKS, dns_msg, dns_answer
diff --git a/testing/btest/Traces/dns/dns-binds.pcap b/testing/btest/Traces/dns/dns-binds.pcap
new file mode 100644
index 0000000000..92ccc4125c
Binary files /dev/null and b/testing/btest/Traces/dns/dns-binds.pcap differ
diff --git a/testing/btest/scripts/base/protocols/dns/binds.zeek b/testing/btest/scripts/base/protocols/dns/binds.zeek
new file mode 100644
index 0000000000..fc74bee6f4
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/dns/binds.zeek
@@ -0,0 +1,10 @@
+# @TEST-EXEC: zeek -b -C -r $TRACES/dns/dns-binds.pcap %INPUT > output
+# @TEST-EXEC: btest-diff dns.log
+# @TEST-EXEC: btest-diff output
+
+@load policy/protocols/dns/auth-addl
+
+event dns_BINDS(c: connection, msg: dns_msg, ans: dns_answer, binds: dns_binds_rr)
+	{
+	print "BINDS", binds;
+	}
diff --git a/testing/btest/scripts/base/protocols/dns/wks.pcap b/testing/btest/scripts/base/protocols/dns/wks.zeek
similarity index 100%
rename from testing/btest/scripts/base/protocols/dns/wks.pcap
rename to testing/btest/scripts/base/protocols/dns/wks.zeek