Getting Data In
Highlighted

NSlookup on Network Tools App with Specified DNS Server?

Explorer

I am trying to write an alert in Splunk which will tell us if the 2 DNS servers we have setup for a domain are working as intended. I want to use NSLookup and not Ping to verify the DNS servers are translating the IPs.
The Network Tools app has NSLookup command syntax as

| nslookup hostname

This command works but does not use the DNS servers I intend to test. I would like to see if we can have the command work in this manner:

| nslookup hostname Dns-Server

I looked in nslookupSearchcommand.py file, and see it has
result=nslookup(host=self.host, server=self.server, index=index, logger=self.logger)

I am wondering if the Server is meant to be the DNS server in the above line and if its worked for anyone.

Thoughts??

0 Karma
Highlighted

Re: NSlookup on Network Tools App with Specified DNS Server?

Explorer

I reached out to the author of the app and he was gracious to make the changes. The updated version of the app now supports the above requirement.

View solution in original post

0 Karma
Highlighted

Re: NSlookup on Network Tools App with Specified DNS Server?

Builder

@khavildar - I also want to use the same scenario. Actually, I want to check from specific DNS servers, whether they are resolving or not and index those events and show the status of nslookup from those specific dns servers for internal and external domains on the dashboard. Is it possible using Network tools app ? Can you guide on how you did that ? I have installed the app on my heavyforwarder ?

0 Karma