DNS-collector
NOTE: The code before version 1.x is considered beta quality and is subject to breaking changes.
DNS-collector
acts as a passive high speed aggregator, analyzer, transporter and logging for your DNS messages, written in Golang. The DNS traffic can be collected and aggregated from simultaneously sources like DNStap streams, network interface or log files and relays it to multiple other listeners with some transformations on it (filtering, sampling, privacy, ...).
DNS-collector also contains DNS parser with EDNS
support.
Collectors:
- Listen for logging traffic with streaming network protocols
- Live capture on a network interface
- Read text or binary files as input
Loggers:
- Redirect DNS logs to stdout or files in plain text or binary mode
- Print directly to your
Stdout
console
- Write to
File
with several formats
- Provide metrics and API
- Send to remote host with generic protocol
- Send to various sinks
Transformers:
Get Started
Download the latest release
binary and start the DNS-collector with the provided configuration file. The default configuration listens on tcp/6000
for a DNSTap stream and DNS logs are printed on standard output.
./go-dnscollector -config config.yml
If you prefer run it from docker, follow this guide.
Configuration
The configuration of DNS-collector is done through a file named config.yml
. When the DNS-collector starts, it will look for the config.yml from the current working directory.
See the full configuration guide for more details.
Examples:
You will find below some examples of configuration to manage your DNS logs.
Contributing
See the development guide for more information on how to build it yourself.