I see that the check_dns plugin is present on the distro (in the directory) but is not present in nconf. I'm wondering if I am inviting trouble at my next upgrade if I enable it, or if there is a reason it was omitted.
I spent a bit of time trying to do this with check_udp, and that is hard. Then i noticed the dns plugin was there.
Welcome any thoughts or insights.
Happy New Year.
Jim
Check_dns
RE: Check_dns
For what is worth, I went ahead and tried this. For those who may be newer to this, I created a "check_dns" checkcommand in nconf, with the following settings: (this will make sense to you if you have the screen up in front of you).
command line: $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ -a $ARG2$
params description: arg1=name to query, arg2=expected address, arg3=-w warn secs -c crit secs -t timeout secs
amount of params: 3
I then created and advanced service, using the above check command, with three params (the 3rd one is optional).
ARG1: xyz.com
ARG2: 10.10.10.10
ARG3: -w 1 -c 3
This will lookup xyz.com, and throw an error if it does not return the address 10.10.10.10. It will throw a warning if the query takes longer than 1 second, and it will throw a critical if it takes longer than 3 seconds. If you omit the 3rd ARG, it will only throw an error if it does not resolve in 10 seconds, also configurable. It would tell you if your dns is not functioning, is functioning slowly, or if someone hijacked it to return a different address.
Seems to work well.
Hope someone finds this useful.
Jim
command line: $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ -a $ARG2$
params description: arg1=name to query, arg2=expected address, arg3=-w warn secs -c crit secs -t timeout secs
amount of params: 3
I then created and advanced service, using the above check command, with three params (the 3rd one is optional).
ARG1: xyz.com
ARG2: 10.10.10.10
ARG3: -w 1 -c 3
This will lookup xyz.com, and throw an error if it does not return the address 10.10.10.10. It will throw a warning if the query takes longer than 1 second, and it will throw a critical if it takes longer than 3 seconds. If you omit the 3rd ARG, it will only throw an error if it does not resolve in 10 seconds, also configurable. It would tell you if your dns is not functioning, is functioning slowly, or if someone hijacked it to return a different address.
Seems to work well.
Hope someone finds this useful.
Jim