monitoring bind9 DNS server with Zabbix

DNS-in-zabbix graph example

This is how to monitor the amount of queries in bind9 (version required is bind 9.5 at least) with Zabbix.

You need a working Zabbix server to follow these steps.

First, enable statistics in bind9. To do so, add the following line in /etc/bind/named.conf. (The location of the file can vary for different distributions). Do not put it between options {}!

statistics-channels {
 inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
};

Then, restart bind:

# service bind9 restart

This enables a web service within bind. To query it, we use curl and to flatten the served XML we use xml2. Both must be installed for this to work. On Debian flowered systems, simply do this:

# apt-get install xml2 curl

Now you can try to query by hand:

# curl http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 queries

This spits out the counter for every request done against your nameserver. Now, configure Zabbix agents so they can get data to monitor this. Add the following two lines to /etc/zabbix/zabbix_agentd.conf:

UserParameter=bind.queries.in[*],curl http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/server/queries-in/rdtype/name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.out[*],curl http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/views/view/rdtype/name=$1$" | tail -1 | cut -d= -f2

Then, restart zabbix agent:

# service zabbix-agent restart

And now you can add items to your Zabbix config like so:

bind.queries.in[A]
bind.queries.out[A]

Or, download my template ( zabbix-bind9-dns-template ) and import it in Zabbix. The following is then pre configured:

  • A records in & out
  • AAAA records in & out
  • ANY records in & out
  • CNAME records in & out
  • MX records in & out
  • NS records in & out
  • PTR records in & out
  • SOA records in & out
  • SPF records in & out
  • TXT records in & out
  • All queries in graph
  • All queries out graph

 

14 Comments

  1. Hi,

    do you know how can i parser xml in centos?

    Thanks.

  2. mr51m0n

    03.12.2013 at 14:01

    Hi Vukomir

    I could not figure out how to do this, a simple command like xml2 does not seem to exist!
    I guess the easiest way is to use xsltproc and write a proper XSLT file.

    Anyone?

  3. Thanks you so much for this, works perfectly, saved me loads of work.

  4. Works fine, thank you.

  5. Hello

    I use:
    starting BIND 9.9.5-9-Debian

    Error log :
    /etc/bind/named.conf.options:28: unknown option ‘statistics-channels’

    What to do?
    Thank you for your help

    Mz

  6. mr51m0n

    24.08.2015 at 21:33

    Hey Mz

    Can you post your /etc/bind/named.conf.options file?

  7. Hello, thank you for monitoring dns.
    Why you set 2 this 2 minutes, why not 1 minute, or 30 seconds?

  8. 2 is delta,parser eating )

  9. mr51m0n

    05.01.2016 at 11:56

    Hey cru5ader

    You can change it as you like. For me this is enough, since honestly I’m more interested in history. Also it needs more performance and storage on the Zabbix server if you reduce the time between checks.

    You may edit the template as you wish to fit your needs.

  10. HI,
    I have this error

    After this operation, 1,008 kB of additional disk space will be used.
    Do you want to continue [Y/n]? y
    Err http://ftp.us.debian.org/debian/ stable/main libcurl3 amd64 7.38.0-4+deb8u2
    404 Not Found [IP: 64.50.236.52 80]
    Err http://ftp.us.debian.org/debian/ stable/main curl amd64 7.38.0-4+deb8u2
    404 Not Found [IP: 64.50.236.52 80]
    Get:1 http://ftp.us.debian.org/debian/ stable/main xml2 amd64 0.4-3.1 [15.9 kB]
    Fetched 15.9 kB in 0s (18.3 kB/s)
    Failed to fetch http://ftp.us.debian.org/debian/pool/main/c/curl/libcurl3_7.38.0-4+deb8u2_amd64.deb 404 Not Found [IP: 64.50.236.52 80]
    Failed to fetch http://ftp.us.debian.org/debian/pool/main/c/curl/curl_7.38.0-4+deb8u2_amd64.deb 404 Not Found [IP: 64.50.236.52 80]
    E: Unable to fetch some archives, maybe run apt-get update or try with –fix-missing?

    Can you help me?

  11. mr51m0n

    13.04.2016 at 14:22

    Hi

    You could try to run

    # apt-get update

    And then try again.

  12. HI
    I am trying to graph the below
    QryRecursion
    QrySuccess
    QryNoauthAns

    I have modified my zabbix conf
    UserParameter=bind.queries.success,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QrySuccess” | tail -1 | cut -d= -f2
    UserParameter=bind.queries.referral,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QryReferral” | tail -1 | cut -d= -f2
    UserParameter=bind.queries.nxrrset,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QryNxrrset” | tail -1 | cut -d= -f2
    UserParameter=bind.queries.nxdomain,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QryNXDOMAIN” | tail -1 | cut -d= -f2
    UserParameter=bind.queries.recursion,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QryRecursion” | tail -1 | cut -d= -f2
    UserParameter=bind.queries.failure,curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -i “/isc/bind/statistics/server/nsstat/name=QryFailure” | tail -1 | cut -d= -f2

    Still can t graph

  13. I’ve installed the DNS template you provided, but i keep getting vaules on Mbit or MB on the graphs. I’ve tried changing Numeric (float) unsignde, Store data as is, but keep getting the same result. using just: bind.queries.in[A] What other parameters can i change?

  14. Marty Godsey

    25.08.2016 at 07:10

    I am getting this error when using your template

    became not supported: Received value [] is not suitable for value type [Numeric (unsigned)] and data
    type [Decimal]

Leave a Reply

Your email address will not be published.

*

© 2017 netmess

Theme by Anders NorenUp ↑