DNS monitor

Had a little incident today, so I ended up writing this.

Uses 'nslookup' because I actually wanted some of the nslookup side-effects;for example, it's difficult to get 'host' to "show it's work" and yetalso producethe same output in the same order each time (so the 'diff' will work correctly). Crude, yet effective.

Hopefully It'll just run quietly for years, never kicking off emails from cron,but at least now I won't be blindsided when somebody decides that simplybecause you can't ping something, it's okay to delete the host from DNS ;)

$ cat  $HOME/bin/dns-validate.pl



#! /usr/bin/perl



#



# No authorship, no copyright, no support.



# KK2005



#



#



$nslookup="/usr/sbin/nslookup";







$dir=$ENV{'HOME'}."/public_html/dns/";







$oldfile=$dir."status.then";



$outfile=$dir."status.now";







@ns= (  "127.0.0.1","207.227.240.1",



      );



#



#



#



die "Missing nslookup $nslookup $!"  unless(-x $nslookup);







chdir($dir)  die $!;



rename($outfile,$oldfile);







system("co -q -l $outfile");



open(OUT,">$outfile")  die $!;







while() {



      next if(m/^#/);



      chomp;



      print OUT "#" x 64, "\n";



      print OUT "#\n# ",$_,"#\n\n";







      foreach $server (sort(@ns)) {



              print OUT "\n # Server $server\n";



              print OUT `nslookup $_ $server`;



              print OUT "\n";



              }



      print OUT "### End $_ $nameserver###\n";



      }



print OUT "\n###\n# End nslookup\n#\n";











print OUT "\n# Contents of /etc/resolv.conf\n",`cat /etc/resolv.conf`,"\n";



print OUT "###EOF###\n";







close(OUT);



chmod(0644,$outfile);







system("ci", "-u", "-q", "-m$0", $outfile);



system("diff", "-w", "-c", "-T", $oldfile, $outfile);



exit($?);











__DATA__



#



#



# Enter your hostnames here, one per line.



# Comment lines must have a '#' as the very first character



#



# Example entries below, I recommend removing these.



#



127.0.0.1



example.com



###EOF###

Network Monitoring Tools

Realtime monitoring is a particularly difficult application to implement, many monitoring products themselves can have a detrimental effect on the systems being monitored. This is one reason that WAN monitoring instrumentation needs to be implemented by our team, to avoid disruption to the WAN/routers.

Our team currently uses a combination of HP Openview, VitalNet, and other software for our network "health" information and alerting. In other enterprises (Ameritech) I have previously used Concord (http://www.concord.com/) products to the same effect. All of these solutions provide useful statistics (but not mapping) and are limited their ability to detect and deal with dependencies.


There are applications which provide a map display such as Don envisions, some in real-time, these are generally among the more expensive products. I have been working on a limited open-source application (http://sourceforge.net/projects/netmap/) providing some of this functionality, and the graphing and display issues involved are just the tip of the iceberg.

There are several map-capable products that could be considered, I've heard good things about these three:

• http://www.ipswitch.com/Products/WhatsUp/monitoring.html
• http://www.lanware.net/NetworkManagment.asp
• http://www.intermapper.com/

The most recent NWFusion buyers guide for Network Monitoring I can find (http://www.nwfusion.com/bg/netmon/netmon.jsp) was published in 1999, and is sorely out of date. They still list NetMetrix and other non-existent products, and there are probably many new products in this arena which are not included. Perhaps there are other, better, resources for locating vendors?