Nameserver SOA Check
Nameserver SOA Check
Hello Host-Monitor community,
I want to write a script to check the SOA records from different Nameservers for differences, does anyone have an example script or an script that does that already?
I have nearly to no experience in Powershell so I don't really know how to make a script all by myself and sadly couldn't find any good examples either.
Greetings
Celay
I want to write a script to check the SOA records from different Nameservers for differences, does anyone have an example script or an script that does that already?
I have nearly to no experience in Powershell so I don't really know how to make a script all by myself and sadly couldn't find any good examples either.
Greetings
Celay
If you are using PowerShell version 3 or 4, you may use Resolve-DnsName command
>resolve-dnsname www.microsoft.com -type soa
https://technet.microsoft.com/en-us/lib ... 90781.aspx
Regards
Alex
>resolve-dnsname www.microsoft.com -type soa
https://technet.microsoft.com/en-us/lib ... 90781.aspx
Regards
Alex
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
Windows nslookup utility also can be used with script.
example of JavaScript that uses nslookup tool and checks SOA record for modification (for HostMonitor Shell Script test method):
Start cmd: cmd /c cscript /B /E:JScript %Script% %Params%
Script requires 3 parameters: <host name> <DNS server> <tempfilePath>
E.g.:
google.com 8.8.8.8 D:\dnssoa_temp1.txt
Please note, separate temp file should be used for each test item.
example of JavaScript that uses nslookup tool and checks SOA record for modification (for HostMonitor Shell Script test method):
Code: Select all
statusUnknown = "scriptRes:Unknown:";
statusOk = "scriptRes:Ok:";
statusBad = "scriptRes:Bad:";
objArgs = WScript.Arguments;
if (objArgs.length != 3) {
WScript.StdOut.Write(statusUnknown + "Required 3 parameters: <host name> <DNS server> <tempfilePath>");
WScript.Quit;
}
var host = objArgs(0);
var DNS = objArgs(1);
var fname = objArgs(2);
var WshShell = new ActiveXObject("WScript.Shell");
var Str = WshShell.Exec("nslookup -querytype=soa "+host+" "+DNS).StdOut.ReadAll();
var StrB = getFile(fname);
if (Str == StrB) {
WScript.StdOut.Write(statusOk);
} else {
writeFile(fname,Str)
WScript.StdOut.Write(statusBad+"SOA modified");
}
function writeFile(fname,data) {
var fso = new ActiveXObject("Scripting.FileSystemObject"),
thefile=fso.CreateTextFile(fname,true);
thefile.Write(data);
thefile.Close();
}
function getFile(fname) {
try {
var oFS = new ActiveXObject('Scripting.FileSystemObject');
if (oFS.FileExists(fname)) {
var oFile = oFS.OpenTextFile(fname);
var str = ''
while (!oFile.AtEndOfStream) {
str = oFile.ReadAll();
}
oFile.Close();
return str;
}
} catch(e) {
WScript.StdOut.Write(statusUnknown + e.message+' ['+fname.replace(/\\\\/g,'\\')+']');
WScript.Quit;
return e.message;
}
}
Script requires 3 parameters: <host name> <DNS server> <tempfilePath>
E.g.:
google.com 8.8.8.8 D:\dnssoa_temp1.txt
Please note, separate temp file should be used for each test item.
First of all thanks for the fast response, great support as always.
The problem I have is not getting the SOA record of one Nameserver but of more than one and then checking them for differences.
I thought about saving the SOA record of one Nameserver in an temp .txt but I believe there could also be an way to save them as an variable and then check the variables for differences. But as I said, I don't really have any experience in Powershell/VBScript so I am not sure if it is even possible to save an variable in an Powershell script.
The problem I have is not getting the SOA record of one Nameserver but of more than one and then checking them for differences.
I thought about saving the SOA record of one Nameserver in an temp .txt but I believe there could also be an way to save them as an variable and then check the variables for differences. But as I said, I don't really have any experience in Powershell/VBScript so I am not sure if it is even possible to save an variable in an Powershell script.
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
You will not be able to store data in powershell/JS/VB varible, because, each time test starts script, new script instance is running.
You may save data into file and compare records from different DNS servers with records from file.
If you'll provide more information we may help you with the script:
1. What records should be compared? Example using nslookup tool?
2. What should be done, when some DNS server returns different record?
e.g.:
set Bad Status, overwrite temp file with updated info
or
set Bad Status, do not overwrite temp file (file will be overwritten manually)
3. May we see some examples of different SOA records using nslookup tool?
You may save data into file and compare records from different DNS servers with records from file.
If you'll provide more information we may help you with the script:
1. What records should be compared? Example using nslookup tool?
2. What should be done, when some DNS server returns different record?
e.g.:
set Bad Status, overwrite temp file with updated info
or
set Bad Status, do not overwrite temp file (file will be overwritten manually)
3. May we see some examples of different SOA records using nslookup tool?
Again thanks for the fast response and offer to help me.
To answer your questions:
1.The SOA records of all the Nameservers assigned to one site. example: google.com ns1.google.com - ns4.google.com
(nslookup -type=ns google.com) +
(nslookup -type=soa google.com NS1.google.com)
2.When a Server returns a different record it should simply set Bad Status in Host-Monitor.
3.I certainly (luckily) don't have any Site with different SOA records currently, but heres an example with Google. The NS1.google.com has the SOA 2014112500 currently, so do all other NS*.google.com Nameservers, the Script should first check site and get all nameservers
(nslookup -type=ns google.com) then get the SOA of all the nameservers (nslookup -type=soa google.com NS1.google.com,...) and then check them for differences if they're all the same = Good Status, otherwise = Bad Status.
To answer your questions:
1.The SOA records of all the Nameservers assigned to one site. example: google.com ns1.google.com - ns4.google.com
(nslookup -type=ns google.com) +
(nslookup -type=soa google.com NS1.google.com)
2.When a Server returns a different record it should simply set Bad Status in Host-Monitor.
3.I certainly (luckily) don't have any Site with different SOA records currently, but heres an example with Google. The NS1.google.com has the SOA 2014112500 currently, so do all other NS*.google.com Nameservers, the Script should first check site and get all nameservers
(nslookup -type=ns google.com) then get the SOA of all the nameservers (nslookup -type=soa google.com NS1.google.com,...) and then check them for differences if they're all the same = Good Status, otherwise = Bad Status.
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
JS script for Shell Script test method.
Script checks assigned DNS servers for the domain, then compares "serial" field of all DNS servers for specified domain.
Reply shows SOA serial and DNS count.
Start cmd: cmd /c cscript /B /E:JScript %Script% %Params%
Script requires 1 or 2 parameters: <host name> [<DNS>]
E.g.:
google.com
Script checks assigned DNS servers for the domain, then compares "serial" field of all DNS servers for specified domain.
Reply shows SOA serial and DNS count.
Code: Select all
statusUnknown = "scriptRes:Unknown:";
statusOk = "scriptRes:Ok:";
statusBad = "scriptRes:Bad:";
objArgs = WScript.Arguments;
if (objArgs.length < 1||objArgs.length > 2) {
WScript.StdOut.Write(statusUnknown + "Required 1 or 2 parameters: <host name> [<DNS>]");
WScript.Quit;
}
var host = objArgs(0);
var DNS = "";
if (objArgs.length>1) DNS = objArgs(1);
var WshShell = new ActiveXObject("WScript.Shell");
DNSs = getDNSs(host,DNS);
if (DNSs.length==0) {
WScript.StdOut.Write(statusUnknown+"Cannot get DNS servers for "+host+". Try to specify any DNS as 2nd parameter for the test.");
WScript.Quit;
}
var SOA = getSOAserial(host,DNSs[0]);
var SOA2 = "";
for (i = 1; i < DNSs.length; i++)
{
SOA2 = getSOAserial(host,DNSs[i]);
if (SOA!=SOA2) {
WScript.StdOut.Write(statusBad+SOA2+" "+DNSs[i]);
WScript.Quit;
}
}
WScript.StdOut.Write(statusOk+SOA+" ("+DNSs.length+")");
function getSOAserial(host,DNS) {
var Str = WshShell.Exec("nslookup -querytype=soa "+host+" "+DNS).StdOut.ReadAll();
var pos = Str.indexOf("serial =");
if (pos==-1) return "<serial not found>";
Str = Str.substr(pos+10);
pos = Str.indexOf("\r\n");
Str = Str.substr(0,pos);
return Str;
}
function getDNSs(host,DNS) {
if (DNS!="") DNS=" "+DNS;
var Str = WshShell.Exec("nslookup -querytype=ns "+host+DNS).StdOut.ReadAll();
var servers = [];
var pos = -1;
var tmp = "";
while (Str.indexOf("nameserver =")>-1) {
pos = Str.indexOf("nameserver =");
Str = Str.substr(pos+13);
pos = Str.indexOf("\r\n");
tmp = Str.substr(0,pos);
Str = Str.substr(pos);
servers.push(tmp);
}
return servers;
}
Script requires 1 or 2 parameters: <host name> [<DNS>]
E.g.:
google.com