Hi HN!
I built DNS-collector to solve a DNS monitoring problem: systems drowning in noise from health checks, bad project behavior with internal queries, etc.
Instead of processing DNS logs after storage, it works at the edge – capturing from DNS servers (BIND, PowerDNS, Unbound) via DNStap, filtering out noise, adding enrichment (GeoIP, threat intel), then sending clean data to your monitoring stack.
What it does:
- Captures from major DNS servers via DNStap or live network capture
- Filters noise (health checks, internal queries, spam) before storage
- Enriches with GeoIP, threat intelligence, custom metadata
- Outputs clean data to databases, SIEM tools, monitoring dashboards
Written in Go. *I actually learned Go while building this project* – it started as a way to solve a real problem and became my Go learning journey.
GitHub: https://github.com/dmachard/DNS-collector
*Looking for code reviews and optimization feedback!* Specifically:
- Memory allocation patterns in high-throughput scenarios
- Goroutine usage and channel buffering strategies
- DNS packet parsing performance bottlenecks
- Better error handling patterns
Would love feedback from Go experts on the architecture and performance.