Hello,
I have a problem with check_dns plugins. I need to check some SPF TXT records but plugin send me wrong values.
For ex. I checking our domain ness.com that has SPF TXT record _spf-c.ness.com
This SPF TXT records include text „v=spf1 ip4:67.231.157.48 ip4:208.73.180.202 ip4:84.1.158.93 ip4:216.218.72.238 ip4:159.182.160.36 ip4:217.77.169.8 ip4:67.231.152.58 ip4:212.143.60.114 -all“
But Nagios shows this result:
root@nagios:/usr/local/nagios/libexec# ./check_dns -H _spf-c.ness.com -s ns1.bezeqint.net -q ANY
DNS OK: 0.212 seconds response time. _spf-c.ness.com returns -all"|time=0.212144s;;;0.000000
From whole SPF TXT record i already receive only last string -all. Nothing else.
If I ask only for TXT records, then I receive:
root@czprgux34:/usr/local/nagios/libexec# ./check_dns -H _spf-c.ness.com -s ns1.bezeqint.net -q TXT
DNS CRITICAL - query type of -querytype=TXT was not found for _spf-c.ness.com
check_dns issue
Re: check_dns issue
I filed a GitHub issue as it seems to be a bug with the plugin. I was able to get it working on 2.0.3 though, so it may be worth downgrading your plugins for the time. (or just that one)
https://github.com/nagios-plugins/nagio ... issues/200
https://github.com/nagios-plugins/nagio ... issues/200
Former Nagios Employee
Re: check_dns issue
Hello rkennedy,
thank you for your help. I Install check_dns from version 2.0.3. I´ll wait for fix of check_dns plugin now.
PS: now i have another one issue. The plugin receive this string:
DNS OK: 0.191 seconds response time. _spf-a.ness.com returns "v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"|time=0.190941s;;;0.000000
for query:
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -q TXT
Is there any way, how to check if only one IP addrees exist in the string above? I tried to use parameter -a
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -a '31.30.3.41' -q TXT
but i received:
DNS CRITICAL - expected '31.30.3.41' but got '"v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"'
thank you for your help. I Install check_dns from version 2.0.3. I´ll wait for fix of check_dns plugin now.
PS: now i have another one issue. The plugin receive this string:
DNS OK: 0.191 seconds response time. _spf-a.ness.com returns "v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"|time=0.190941s;;;0.000000
for query:
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -q TXT
Is there any way, how to check if only one IP addrees exist in the string above? I tried to use parameter -a
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -a '31.30.3.41' -q TXT
but i received:
DNS CRITICAL - expected '31.30.3.41' but got '"v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"'
-
- Posts: 1597
- Joined: Tue Sep 27, 2016 4:57 pm
Re: check_dns issue
The current plugin doesn't include that functionality for TXT records. You can create a wrapper for the plugin which parses the output for the IP and exits with the appropriate return code.
https://nagios-plugins.org/doc/guidelines.html
https://mathias-kettner.de/checkmk_localchecks.html
http://www.yourownlinux.com/2014/06/how ... cript.html
check_dns is mostly just a wrapper to nslookup so sticking another wrapper around that to fit you needs is quite doable.
https://nagios-plugins.org/doc/guidelines.html
https://mathias-kettner.de/checkmk_localchecks.html
http://www.yourownlinux.com/2014/06/how ... cript.html
check_dns is mostly just a wrapper to nslookup so sticking another wrapper around that to fit you needs is quite doable.
Previous Nagios employee