DNS

check_dns_rrsig

Write a Review

Description:

This checks to make sure the nameserver (-H) has RRSIG records for the zone specified with more than WARNING or CRITICAL days before expiration.

Current Version

Last Release Date

February 18, 2010

Compatible With

Owner

Nagios Exchange

Copy Page Link Recommend Login to Add to Favorites Login to Claim
Project Files
FileDescription
check_dns_rrsig.pl
Project Notes
NAME check_dns_rrsig.pl - Verify RRSIG expiration for a zone. SYNOPSIS check_dns_rrsig.pl -H host -z zone [ options ] host: The server to query zone: The DNS zone to monitor. OPTIONS -z|--zone zone The DNS zone to monitor. -H|--host host The nameserver to query. -t timeout Specify the plugin timeout. Defaults to 15 seconds. -c|--critical critical threshold in days Specify the number of days remaining before raising a critical alert. Defaults to 14 days. -w|--warning warning threshold in days Specify the number of days remaining before raising warning alert. Defaults to 3 days. -V|--version Print the version number and exit -v|verbose Increase verbosity. DESCRIPTION This checks to make sure the nameserver (-H) has RRSIG records for the zone specified with more than WARNING or CRITICAL days before expiration. AUTHOR Copyright (c) 2010 Chan Wilson
Reviews (1) Add a Review
Useful plugin
by kpiti, September 30, 2015
Just the thing I needed not to be left without a valid signed zone. The issue I had (and spent some hours on it) was that while it was working perfectly from the command line, nagios kept complaining:
Warning: Check of service 'DNSSECexpire' on host xy did not exit properly

And the reason/cure is that the embedded perl finds an error - Variable "%opts" will not stay shared..
The solution is to explicitly turn off EPN by inserting in first 10 lines
# nagios: -epn

Works great since..
Helpful?    
Report
Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
4 (1)
Favorites
0
Views
153,398