cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Highlighted
Level 17

Need assistance with DNS record monitoring

I've seen a few posts regarding IPAM monitoring DNS and SAM being able tp monitor DNS, but what I need assistance on is how to set up either to detect when a DNS record has been removed, then a corresponding alert.  Any assistance would be greatly appreciated.

Tags (3)
0 Kudos
10 Replies
Highlighted
Product Manager
Product Manager

Re: Need assistance with DNS record monitoring

This would be a function of SAM's DNS User Experience Monitor.

Level 17

Re: Need assistance with DNS record monitoring

But how would I configure the monitor to alert anytime a DNS record is removed?  From what I can tell the monitor is setup to just try to resolve a specified record.  Would I have to create a monitor for every DNS record?

0 Kudos
Highlighted
Product Manager
Product Manager

Re: Need assistance with DNS record monitoring

Correct. This monitor was designed to monitor the performance (response time), availability (responds to query), as well as validate the response from the query to ensure the entry is valid and expected. It was not designed to function as a sort of configuration change management solution for DNS. If that is what you're after then IPAM would be your best bet.

IPAM Events.png

0 Kudos
Highlighted
Level 17

Re: Need assistance with DNS record monitoring

And this is where I'm running into the issue.  I can't seem to see anything within IPAM that shows when a DNS record is removed.  We've had several instances where DNS records were inexplicably removed and if I look at the IPAM events, there's no event showing IPAM detected it.

0 Kudos
Highlighted
Product Manager
Product Manager

Re: Need assistance with DNS record monitoring

The change would need to have occurred through (using) IPAM for an event to have been created, but this is likely a topic better suited for the IPAM forum.

0 Kudos
Highlighted
Level 17

Re: Need assistance with DNS record monitoring

So in essence there's nothing within SolarWinds that will scan DNS records and alert on when any have been deleted.   I'd have to either use the Event Log Monitor to scan for a specific event, or a DNS User Experience Monitor to scan for a specific record.  All IPAM is going to tell me is when a record is removed through IPAM.

0 Kudos
Highlighted

Re: Need assistance with DNS record monitoring

IPAM events are only triggered if you make the change via IPAM (remove DNS or add DNS record). It doesn't report change after each scan of DNS zone.

What's the use case behind your alert. do you want to watch specific DNS zones and records and make sure unauthorized person does not delete records? Also, how it should behave with DDNS enabled?

thanks a lot for feedback.

0 Kudos
Highlighted
Level 17

Re: Need assistance with DNS record monitoring

For our case, we've had several times where some of our customer facing sites have suddenly become inaccessible and the root cause has been due to the DNS record for the site disappearing.  We are looking for a way to monitor when records are removed in order to try to stay ahead of this occurring.  I would assume that there wouldn't be much of a way to monitor this with DDNS, but I know there are some Windows Events that are written when records are removed.  I have been monitoring those, but wanted to check to see if there was a way for IPAM to scan DNS records, compare to a previous scan and report on those that are no longer present similar to how Orion handles thin APs when scanning a wireless controller.

Highlighted
Level 7

Re: Need assistance with DNS record monitoring

Were having this exact issue as well and I was hoping I could get something out of solarwinds for change control. Were you ever able to figure this one out?

0 Kudos