Capturing DNS Requests

| Tags: linux, dns

How to capture DNS requests in Linux using the tcpdump utility.

Warning: there is a dot after the domain. This is intended output from tcpdump, which prints fully qualified names with the trailing root dot.

The command is:

sudo tcpdump -l port 53 2>/dev/null | grep --line-buffered ' A? ' | cut -d' ' -f8

Let me break it down:

sudo tcpdump -l port 53 2>/dev/null

sudo - We can't use tcpdump without root permissions.
tcpdump -l - Run tcpdump with the -l flag, which means that it will make stdout line buffered.
port 53 - DNS requests go through port 53, so that is the traffic we want to capture.
2>/dev/null - Send stderr to /dev/null.

grep --line-buffered ' A? '

grep --line-buffered - Run grep with the --line-buffered flag, which means that grep will use line buffering.
' A? ' - search for ' A? ' and only return lines that match.

cut -d' ' -f8

cut - Run the cut utility
-d' ' - Use a space as the delimiter.
-f8 - Get the eighth column.
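The `cut -f8` step assumes the queried name is always the eighth space-separated field. That holds for the plain query lines shown above, but tcpdump inserts extra tokens on some lines (for example `[1au]` on EDNS0 queries), which shifts the name to a later column, and AAAA queries are skipped entirely by the ` A? ` filter. The following is an added example, not part of the original note, that takes the name from the field immediately after the `A?` or `AAAA?` token instead of a fixed column and strips the trailing root dot. The sample tcpdump lines are constructed for the demo; the function itself reads `tcpdump -l` output on stdin.

```shell
#!/bin/sh
# Added example (not from the original note): pull the queried name out of
# tcpdump DNS query lines without depending on a fixed column number.

# Constructed sample lines in the format tcpdump prints for DNS traffic.
# Line 2 carries the "[1au]" EDNS0 token, which shifts the name to field 9,
# so a plain `cut -d' ' -f8` would print "A?" for it instead of the name.
# Line 4 is a reply (no "A?" token) and must be ignored.
SAMPLE_TCPDUMP_OUTPUT='12:00:01.000001 IP 192.0.2.10.40001 > 192.0.2.1.53: 1001+ A? example.com. (29)
12:00:02.000002 IP 192.0.2.10.40002 > 192.0.2.1.53: 1002+ [1au] A? www.example.net. (44)
12:00:03.000003 IP 192.0.2.10.40003 > 192.0.2.1.53: 1003+ AAAA? ipv6.example.org. (34)
12:00:04.000004 IP 192.0.2.1.53 > 192.0.2.10.40001: 1001 1/0/0 A 93.184.216.34 (45)'

# Print the queried name from each A?/AAAA? query line on stdin, one per
# line, with the trailing root dot removed. Usage on a live capture:
#   sudo tcpdump -l -n port 53 2>/dev/null | extract_dns_queries
# (-n stops tcpdump resolving addresses, which would itself generate DNS
# queries and show up in the capture.)
extract_dns_queries() {
    awk '{
        for (i = 1; i <= NF; i++) {
            if ($i == "A?" || $i == "AAAA?") {
                name = $(i + 1)
                sub(/\.$/, "", name)   # drop the trailing root dot
                print name
                fflush()               # keep output line buffered for live pipes
                break
            }
        }
    }'
}

# Run the extractor over the constructed sample so the script works offline.
demo_extract() {
    printf '%s\n' "$SAMPLE_TCPDUMP_OUTPUT" | extract_dns_queries
}

demo_extract
```

Because awk buffers stdout when writing to a pipe, the `fflush()` call plays the same role as `--line-buffered` does for grep in the original pipeline; without it a downstream consumer would see names arrive in bursts rather than as each query is captured.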