I am trying to write an alert in Splunk which will tell us if the 2 DNS servers we have set up for a domain are working as intended. I want to use NSLookup and not Ping to verify the DNS servers are translating the IPs.
The Network Tools app has the NSLookup command syntax as:
| nslookup hostname
This command works but does not use the DNS servers I intend to test. I would like to see if we can have the command work in this manner:
| nslookup hostname Dns-Server
I looked in the nslookupSearchcommand.py file, and see it has:
result=nslookup(host=self.host, server=self.server, index=index, logger=self.logger)
I am wondering if the Server is meant to be the DNS server in the above line and if it's worked for anyone.
@khavildar - I also want to use the same scenario. Actually, I want to check from specific DNS servers whether they are resolving or not, index those events, and show the status of nslookup from those specific DNS servers for internal and external domains on the dashboard. Is it possible using the Network Tools app? Can you guide me on how you did that? I have installed the app on my heavy forwarder?