Getting Data In

NSlookup on Network Tools App with Specified DNS Server?

khavildar
Explorer

I am trying to write an alert in Splunk which will tell us if the 2 DNS servers we have setup for a domain are working as intended. I want to use NSLookup and not Ping to verify the DNS servers are translating the IPs.
The Network Tools app has NSLookup command syntax as

| nslookup hostname

This command works but does not use the DNS servers I intend to test. I would like to see if we can have the command work in this manner:

| nslookup hostname Dns-Server

I looked in nslookup_Search_command.py file, and see it has
result=nslookup(host=self.host, server=self.server, index=index, logger=self.logger)

I am wondering if the Server is meant to be the DNS server in the above line and if its worked for anyone.

Thoughts??

0 Karma
1 Solution

khavildar
Explorer

I reached out to the author of the app and he was gracious to make the changes. The updated version of the app now supports the above requirement.

View solution in original post

0 Karma

khavildar
Explorer

I reached out to the author of the app and he was gracious to make the changes. The updated version of the app now supports the above requirement.

0 Karma

pgadhari
Builder

@khavildar - I also want to use the same scenario. Actually, I want to check from specific DNS servers, whether they are resolving or not and index those events and show the status of nslookup from those specific dns servers for internal and external domains on the dashboard. Is it possible using Network tools app ? Can you guide on how you did that ? I have installed the app on my heavyforwarder ?

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...