Monitoring Bind9 in Zabbix

For example, I will describe the option of monitoring the DNS server Bind9 in Zabbix.

To start, we turn on the Bind9 statistics, open the configuration file in a text editor, for example nano (Ctrl+X to exit, y/n to save or discard changes):

sudo nano /etc/bind/named.conf

And add the following lines (where the first IP and port is the interface on which statistics will be visible, and the following – from which access to it is allowed):

statistics-channels {
     inet 192.168.10.1 port 8053 allow { 127.0.0.1; 192.168.10.1; 192.168.10.15;};
};

But it is better to run only at the local address:

statistics-channels {
     inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
};

And restart Bind to apply the changes:

sudo /etc/init.d/bind9 restart
netstat -tulpn | grep :8053

After that, in the browser typing http://192.168.5.1:8053/ you can see Bind9 statistics.

If an error occurred: error “Extra content at the end of the document”, then you probably specified the wrong IP address.

We will install the necessary components necessary for obtaining statistics from the terminal:

sudo apt-get install xml2 curl

Check if the statistics are displayed:

curl -s http://localhost:8053/ 2>/dev/null | xml2 | grep -A1 -E 'queries|=Qry'
curl http://192.168.5.5:8053/ 2>/dev/null | xml2 | grep -A1 queries

Now we will add the parameters of Zabbix agent /etc/zabbix/zabbix_agentd.conf to the parameters that we will monitor:

# The number of connections udp to DNS:
UserParameter=bind.net.udp,netstat -nua | grep :53 | wc -l
# Number of tcp connections to DNS:
UserParameter=bind.net.tcp,netstat -nta | grep :53 | wc -l
# Number of incoming and outgoing requests:
#UserParameter=bind.queries.in[*],curl http://192.168.10.1:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/server/queries-in/rdtype/name=$1$" | tail -1 | cut -d= -f2
#UserParameter=bind.queries.out[*],curl http://192.168.10.1:8053/ 2>/dev/null | xml2 | grep -A1 "/isc/bind/statistics/views/view/rdtype/name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.in[*],curl http://127.0.0.1:8053/ 2>/dev/null | xml2 | grep -A1 "/statistics/server/counters/counter/@name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.out[*],curl http://127.0.0.1:8053/ 2>/dev/null | xml2 | grep -A1 "/statistics/views/view/counters/counter/@name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.query[*],curl http://127.0.0.1:8053/ 2>/dev/null | xml2 | grep -A1 "/statistics/server/counters/counter/@name=Qry$1$" | tail -1 | cut -d= -f2

And restart the Zabbix agent to apply the changes:

sudo /etc/init.d/zabbix-agent restart

Add data and graphics elements to the new template on the Zabbix server (type – Zabbix agent, examples of keys below):

bind.queries.in[A]
bind.queries.out[A]
bind.queries.in[AAAA]
bind.queries.out[AAAA]
bind.queries.in[NS]
bind.queries.out[NS]
bind.queries.in[MX]
bind.queries.out[MX]
bind.queries.in[PTR]
bind.queries.out[PTR]
bind.queries.in[SOA]
bind.queries.out[SOA]
bind.queries.in[TXT]
bind.queries.out[TXT]
bind.queries.in[ANY]
bind.queries.out[ANY]
bind.queries.in[SPF]
bind.queries.out[SPF]
bind.queries.in[CNAME]
bind.queries.out[CNAME]
bind.queries.in[DS]
bind.queries.out[DS]
bind.queries.in[DNSKEY]
bind.queries.out[DNSKEY]
bind.queries.in[RRSIG]
bind.queries.out[RRSIG]
...
bind.queries.query[AuthAns]
bind.queries.query[Dropped]
bind.queries.query[Duplicate]
bind.queries.query[Failure]
bind.queries.query[FORMERR]
bind.queries.query[NoauthAns]
bind.queries.query[NXDOMAIN]
bind.queries.query[Nxrrset]
bind.queries.query[Recursion]
bind.queries.query[Referral]
bind.queries.query[SERVFAIL]
bind.queries.query[Success]

In order not to frequently pull Bind9, you can save statistics to a file via cron, for example, every 2 minutes:

*/2  *   *   *   *  root  curl -s http://localhost:8053/ | xml2 > /tmp/bind_stat.txt

And then from the file transfer data to Zabbix:

UserParameter=bind.queries.in[*],cat /tmp/bind_stat.txt | grep -A1 "/statistics/server/counters/counter/@name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.out[*],cat /tmp/bind_stat.txt | grep -A1 "/statistics/views/view/counters/counter/@name=$1$" | tail -1 | cut -d= -f2
UserParameter=bind.queries.query[*],cat /tmp/bind_stat.txt | grep -A1 "/statistics/server/counters/counter/@name=Qry$1$" | tail -1 | cut -d= -f2

See also my articles:
Monitoring DNS from Zabbix
Installing and Configuring DNS Server BIND9
IPTables rules for DNS

Join the Conversation

1 Comment

Leave a Reply

  1. hello ,
    First , thank u very much for this important work
    can u please tell us more details about the last line of userparameter please
    Regards,