1 Reply Latest reply on May 24, 2018 1:31 PM by Andrew Waters

    Difficulty running DIG command to gather DNS Aliases

    Paul Hecker
      Share This:


      I am working on gathering the DNS alias names for hosts in BMC Discovery 11.2.  I have identified a DIG command that will provide the information but, for DIG to provide the information I have to enable DNS zone transfers for the discovery appliance.  However, that means that the DIG command must be run from the Discovery appliance perspective.


      For example if I run the following from a pattern:


              dns_server := "dns1.testdomain.com";

              host.dns_domain := "testdomain.com";

              find_aliases := "dig @%dns_server% %host.dns_domain% axfr | grep CNAME | grep %host.name%";

              dnsquery_result := discovery.runCommand(host, find_aliases);


      log.debug confirmed the correct command format "dig @dns1.testdomain.com testdomain.com axfr | grep CNAME | grep twdc1" in the variable "find_aliases".  Running "dig @dns1.testdomain.com testdomain.com axfr | grep CNAME | grep twdc1" on the discovery appliance in puTTY is successful however, "dnsquery_result := discovery.runCommand(host, find_aliases);" is not successful.  I suspect because only the discovery appliance is authorized to perform the DNS zone transfers and the discovery.runCommand is run from the perspective of the discovered host.


      I also tried specifying the Discovery appliance name in the discovery.runCommand but received the error message "Error in action revisit_discovery.runCommand -- RequestError: Supplied target is not a node".


      So, if my theory is correct concerning from where the command is run, is there a way to run a command on the discovery appliance from a pattern?


      Thank you for your help.




        • 1. Re: Difficulty running DIG command to gather DNS Aliases
          Andrew Waters

          As is documented discovery.runCommand will be run on the machine you indicate from the first parameter which must be a node. For a Host this would either be DDD or the Host node itself. Hence if you want to run a command on the appliance you need to have scanned the appliance to be able to give it an appropriate node.


          However, it is a little more complicated than that because, as with other discovery requests, there must be a scan window which allows Discovery to run the command. There are a few ways to achieve this.

          * Include it in the scan of the IPs when you want to run it, or

          * defined a scheduled scan of just the appliance with a long duration (the scan can happen in the scheduled time window).

          1 of 1 people found this helpful