Experimental DNS logs pipeline based on Pi-hole dnsmasq logs, ELK stack, and Filebeat. Sample configs included.
See my blog post for details: https://www.politoinc.com/post/how-to-build-your-own-dns-sinkhole-and-dns-logs-monitoring-system
Feedback welcome!