Osquery prometheus6/18/2023 WARNING: This will can lead to lots of metrics in your Prometheus database! ($BIND_QUERY_EXPORTER_NAMES_CAPTURE_CLIENT) names.capture-client Enable capturing the client making the client IP or name as part of the vector. ($BIND_QUERY_EXPORTER_NAMES_EXCLUDE_FILE) ="" Path to a file of DNS names that this exporter WILL NOT export when the Names filter is enabled. ($BIND_QUERY_EXPORTER_NAMES_INCLUDE_FILE) ="" Path to a file of DNS names that this exporter WILL export when the Names filter is enabled. The regular expression pattern with three capturing matches for the client IPi, the queried name, and the query type ($BIND_QUERY_EXPORTER_PATTERN) Defaults to '/var/log/bind/queries.log' ($BIND_QUERY_EXPORTER_LOG) h, -help Show context-sensitive help (also try -help-long and -help-man). On Debian-based systems, placing the following contents in /etc/bind/ will enable logging: Note that BIND does not log queries by default, so logging must be turned on before this collector will do much. Using the to see if your authoritative DNS server is receiving queries for domain names you don't ownĭepending on the use case, enabling -names.capture-client and -reverse-lookup may be helpful.Using the to identify if clients on your network are reaching out to forbidden domain names.Using the to see if a list of DNS names you would like to decommission are still receiving queries.However, enabling the Names collector with llectors="Names" makes DNS query hits per name available (see the warning in the Names collector documentation below). It is based on the node_exporter and cf_exporter projects.īy default, this exporter's Stats collector doesn't do anything special that you can't get with the much better bind_exporter query stats. A Prometheus exporter that captures information from the BIND queries log file.
0 Comments
Leave a Reply. |