# DNS Collector DNS Collector is a lightweight tool written in Go that captures DNS queries and responses from DNS servers, processes them intelligently, and sends clean data to monitoring or analytics systems. Licensed under MIT. Positioned as the missing piece between DNS servers and your data stack. ## What it does - **Captures DNS data** from DNS servers (BIND, PowerDNS, Unbound, CoreDNS, etc.) via DNStap protocol or live network capture (PCAP) - **Filters out noise** like health checks, internal queries, or spam before storage - **Enriches data** with GeoIP, threat intelligence, or custom metadata - **Outputs clean data** to files, databases, SIEM tools, or monitoring dashboards ## Key features - DNS-native processing (understands DNS protocol, EDNS, query types natively) - Edge processing: filter and enrich DNS data before storage, not after - Multiple input sources: DNStap streams, live network capture, log files - DNS-aware transformations: noise filtering, user privacy - Flexible output formats: text, JSON, PCAP, Jinja2 templates - Enhanced DNStap: TLS encryption, compression, extended metadata - REST API and Prometheus metrics for telemetry - [[Docker]] deployment support ## Integrations - DNS servers: BIND, PowerDNS, Unbound, CoreDNS - Monitoring: Prometheus, Grafana, Loki - Logging: Fluentd, syslog - Output: Files, databases, SIEM tools ## References - Source code: https://github.com/dmachard/DNS-collector - Documentation: https://github.com/dmachard/DNS-collector/tree/main/docs ## Related - [[Domain Name System (DNS)]]