I have, and so do a lot of users, a firewall rule, that redirects (NAT) requests from clients, to other DNS servers than pihole, to pihole. This ensures no device is able to bypass pihole, examples: chromecast, nvidea shield, ...
The solution works perfectlly, however, it is impossible, using pihole, to determine which clients have tried this (use alternate DNS server), because the incoming ip address isn't in the database (as oposed to the ip address where pi-hole-FTL forwarded to).
To achieve this, I've already modified my /etc/dnsmasq.d/01-pihole.conf, content:
#interface=eth0 listen-address=192.168.2.57 listen-address=192.168.2.48 listen-address=127.0.0.1
dhcp configures the clients to use 192.168.2.57, the firewall redirects offending requests to 192.168.2.48
If the database (query table) could provide the incoming IP adddress, it would be very easy to use the query log / long term query data, to determine who the offenders are, and what they are trying to resolve (something like filter incoming_address = 192.168.2.48), or simply execute some sqlite3 statement to get the required data.