Receiving the following warning attempting to monitor the tls/ssl dns service running on port tcp/443 of a server. This check is being performed by the check_dig plugin:
DNS WARNING - 0.371 seconds response time (dig returned an error status)
Does check_dig (or another plugin) have the capability to perform this check eventhough it doesn't talk ssl?
If there was an example somewhere that I could reference it would be very helpful.
DNS WARNING- # seconds response time (dig returned an error)
Re: DNS WARNING- # seconds response time (dig returned an er
I briefly had a look for Nagios plugins that check DNS over SSL but I wasn't able to find any... in fact there doesn't seem to be a whole lot of information on DNS over SSL other than through VPN appliances and I've certainly never tried to secure it in any other way. In fact as best I can tell dig doesn't even support querying DNS over SSL, I honestly don't know what to suggest, maybe some one else around here will have some greater insight to dealing with a set up like that.
Re: DNS WARNING- # seconds response time (dig returned an er
stunnel can sometimes add SSL support to networked applications that don't support it. It's worth looking into, but I can't guarantee it'll work and I'm not sure how to start since it's been a long time since I used it last.
Re: DNS WARNING- # seconds response time (dig returned an er
I got an stunnel up but when I try to run check_dig in the following manner:
./check_dig -v -H localhost -p 8443 -l www.google.com -A "+tcp"
/usr/bin/dig @localhost -p 8443 www.google.com -t A +tcp
Looking for: 'www.google.com'
DNS WARNING - 0.204 seconds response time (dig returned an error status)|time=0.204327s;;;0.000000
Is my thought process correct if I set the STUNNEL to connect to port 443 of the remote ssl-dns server and then tell check_dig that the dns server is the localhost found off of the local port that i set of 8443?
I don't know what I am missing here...
Is there another way to monitor the ssl-dns server running on port 443 to make sure its resolving requests? Another nagios plugin perhaps, any suggestions at this point would be greatly appreciated.
./check_dig -v -H localhost -p 8443 -l www.google.com -A "+tcp"
/usr/bin/dig @localhost -p 8443 www.google.com -t A +tcp
Looking for: 'www.google.com'
DNS WARNING - 0.204 seconds response time (dig returned an error status)|time=0.204327s;;;0.000000
Is my thought process correct if I set the STUNNEL to connect to port 443 of the remote ssl-dns server and then tell check_dig that the dns server is the localhost found off of the local port that i set of 8443?
I don't know what I am missing here...
Is there another way to monitor the ssl-dns server running on port 443 to make sure its resolving requests? Another nagios plugin perhaps, any suggestions at this point would be greatly appreciated.
Re: DNS WARNING- # seconds response time (dig returned an er
Some programs just don't play nice with stunnel. I'm not sure what to tell you. You may have to develop this feature yourself or find someone else to do it for you. Nagios Enterprises does custom plugin development if you don't come up with another solution.