But how would I configure the monitor to alert anytime a DNS record is removed? From what I can tell the monitor is setup to just try to resolve a specified record. Would I have to create a monitor for every DNS record?
Correct. This monitor was designed to monitor the performance (response time), availability (responds to query), as well as validate the response from the query to ensure the entry is valid and expected. It was not designed to function as a sort of configuration change management solution for DNS. If that is what you're after then IPAM would be your best bet.
And this is where I'm running into the issue. I can't seem to see anything within IPAM that shows when a DNS record is removed. We've had several instances where DNS records were inexplicably removed and if I look at the IPAM events, there's no event showing IPAM detected it.
So in essence there's nothing within SolarWinds that will scan DNS records and alert on when any have been deleted. I'd have to either use the Event Log Monitor to scan for a specific event, or a DNS User Experience Monitor to scan for a specific record. All IPAM is going to tell me is when a record is removed through IPAM.
IPAM events are only triggered if you make the change via IPAM (remove DNS or add DNS record). It doesn't report change after each scan of DNS zone.
What's the use case behind your alert. do you want to watch specific DNS zones and records and make sure unauthorized person does not delete records? Also, how it should behave with DDNS enabled?
thanks a lot for feedback.
For our case, we've had several times where some of our customer facing sites have suddenly become inaccessible and the root cause has been due to the DNS record for the site disappearing. We are looking for a way to monitor when records are removed in order to try to stay ahead of this occurring. I would assume that there wouldn't be much of a way to monitor this with DDNS, but I know there are some Windows Events that are written when records are removed. I have been monitoring those, but wanted to check to see if there was a way for IPAM to scan DNS records, compare to a previous scan and report on those that are no longer present similar to how Orion handles thin APs when scanning a wireless controller.
Were having this exact issue as well and I was hoping I could get something out of solarwinds for change control. Were you ever able to figure this one out?
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.