Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import getdns
- import datetime
- import time
- from influxdb import InfluxDBClient
- from influxdb.client import InfluxDBClientError
- DBUSER = 'influx_dbuser'
- DBPASSWORD = 'influx_dbpass'
- DBNAME = 'influx_dbname'
- DBHOST = 'localhost'
- DBPORT = 8086
- dnssec_status = {
- 400: "DNSSEC_SECURE",
- 401: "DNSSEC_BOGUS",
- 402: "DNSSEC_INDETERINATE",
- 403: "DNSSEC_INSECURE",
- 404: "DNSSEC_NOT_PERFORMED"
- }
- recursive_servers = [
- [{ "address_type": "IPv4", "address_data": '8.8.8.8' }],
- [{ "address_type": "IPv4", "address_data": '9.9.9.9' }],
- ]
- monitored_domains = [
- "icann.org",
- "iana.org",
- "dnssec-failed.org",
- ]
- result_extension = {
- "dnssec_return_status" : getdns.EXTENSION_TRUE,
- "dnssec_return_validation_chain": getdns.EXTENSION_TRUE
- }
- getdns_result = {
- getdns.RESPSTATUS_GOOD: "GOOD",
- getdns.RESPSTATUS_NO_NAME: "NO_NAME",
- getdns.RESPSTATUS_ALL_TIMEOUT: "ALL_TIMEOUT",
- getdns.RESPSTATUS_NO_SECURE_ANSWERS: "NO_SECURE_ANSWERS",
- getdns.RESPSTATUS_ALL_BOGUS_ANSWERS: "ALL_BOGUS_ANSWERS"
- }
- KSK_tag = {
- 19036: "KSK2010",
- 20326: "KSK2017"
- }
- metric = "ksk"
- def main():
- series = []
- ctx = getdns.Context()
- ctx.resolution_type = getdns.RESOLUTION_STUB
- # For each recursive resolver
- for resolver in recursive_servers:
- ctx.upstream_recursive_servers = resolver
- # For each domain
- for domain in monitored_domains:
- pointValues = {}
- print("Info: Start using resolver {0} to validate {1}".format(resolver[0]["address_data"],domain))
- # EDNS, packet size, response time (latency)
- # Get result
- try:
- results = ctx.address(name=domain, extensions=result_extension)
- validation_chain = results.validation_chain
- ksk = validation_chain[-1]["rdata"]["key_tag"]
- dnssec_status_id = 0
- dnssec_status_str = ""
- for result in results.replies_tree:
- if "dnssec_status" in result.keys():
- dnssec_status_id = result["dnssec_status"]
- dnssec_status_str = dnssec_status[result["dnssec_status"]]
- break
- pointValues["measurement"] = metric
- pointValues["tags"] = {}
- pointValues["tags"]["resolver"] = resolver[0]["address_data"]
- pointValues["tags"]["domain"] = domain
- pointValues["tags"]["value"] = results.status
- pointValues["tags"]["result_str"] = getdns_result[results.status]
- pointValues["fields"] = {}
- pointValues["fields"]["dnssec_status"] = dnssec_status_id
- pointValues["fields"]["dnssec_status_str"] = dnssec_status_str
- pointValues["fields"]["ksk"] = ksk
- pointValues["fields"]["ksk_str"] = KSK_tag[ksk]
- except Exception, e:
- print("Error: {0} while using resolver {1} to validate {2}".format(str(e), resolver[0]["address_data"],domain))
- print("Info: End using resolver {0} to validate {1}".format(resolver[0]["address_data"],domain))
- series.append(pointValues)
- client = InfluxDBClient(DBHOST, DBPORT, DBUSER, DBPASSWORD, DBNAME)
- retention_policy = 'ksk_roll'
- client.create_retention_policy(retention_policy, 'INF', 3, default=True)
- client.write_points(series, retention_policy=retention_policy)
- if __name__ == "__main__":
- main()
Add Comment
Please, Sign In to add comment