turbot/steampipe-mod-net-insights

Control: SOA retry value should be between 120 and 7200 seconds (2 minutes to 2 hours)

Description

Number of seconds after which secondary name servers should retry to request the serial number from the master if the master does not respond. It must be less than the SOA refresh value. It is recommended that the value should be between 2 minutes to 2 hours.

Usage

Run the control in your terminal:

powerpipe control run net_insights.control.dns_soa_retry_value_check

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run net_insights.control.dns_soa_retry_value_check --share

Steampipe Tables

SQL

select
domain as resource,
case
when retry < 120 or retry > 7200 then 'alarm'
else 'ok'
end as status,
domain || ' SOA retry value is ' || retry || ' second(s).' as reason
from
net_dns_record
where
domain in (select jsonb_array_elements_text(to_jsonb($1::text[])))
and type = 'SOA';

Params

ArgsNameDefaultDescriptionVariable
$1domain_names
["github.com","microsoft.com"]
DNS domain names.