Viewing the Cloud Resolver diagnostics endpoint - BlueCat Cloud Resolver - 1.3.0

BlueCat Cloud Resolver Administration Guide

Locale
English
Product name
BlueCat Cloud Resolver
Version
1.3.0

You can use the Cloud Resolver diagnostics endpoint to see information about the DNS zones discovered in your environment and statistics about the DNS queries that are processed through Cloud Resolver.

The diagnostics endpoint can be access through the following URL: http://<cloud_resolver_id_or_hostname>:9000

The following displays example content of the diagnostics endpoint:
{
  "build": "cloud_resolver 1.2.0 (unknown, release build, linux [x86_64-gnu], Mon, 15 Aug 2022 18:23:27 +0000)",
  "cloud_zones": [
    "a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
    "cloud.acme.corp."
  ],
  "cloud_resolver": {
    "discovered_zones": [
      {
        "vpc_id": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-cr-rg-1/providers/Microsoft.Network/virtualNetworks/bluecat-cr-rg-1-vnet",
        "name": "cloud.acme.corp.",
        "zone_id": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-rg-ig-1/providers/Microsoft.Network/privateDnsZones/cloud.acme.corp",
        "zone_path": "Resolver"
      },
      {
        "vpc_id": "/cloud_resolver/autogenerated",
        "name": "a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
        "zone_id": "/cloud_resolver/a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
        "zone_path": "CrsDynamic(\"a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.\")"
      }
    ]
  },
  "metrics": {
    "uptime_sec": 1498,
    "discover_success": 24,
    "discover_total_errors": 0,
    "discover_live_errors": 0,
    "snapshot_read_success": 15,
    "snapshot_read_failure": 0,
    "snapshot_read_skip": 5,
    "snapshot_write_success": 0,
    "snapshow_write_failure": 0,
    "queries": 1495,
    "udp_count": 1495,
    "tcp_count": 0,
    "in_udp_in_flight": 0,
    "in_tcp_in_flight": 0,
    "out_dns_in_flight": 0,
    "out_fr_in_flight": 0,
    "out_remote_dns_in_flight": 0,
    "local_servfail_count": 0,
    "local_nxdomain_count": 15,
    "local_formerr_count": 0,
    "local_refused_count": 0,
    "dns_noerror_count": 0,
    "dns_servfail_count": 0,
    "dns_nxdomain_count": 0,
    "dns_formerr_count": 0,
    "dns_notimp_count": 0,
    "dns_refused_count": 0,
    "dns_other_count": 0,
    "remote_dns_noerror_count": 99,
    "remote_dns_servfail_count": 0,
    "remote_dns_nxdomain_count": 0,
    "remote_dns_formerr_count": 0,
    "remote_dns_notimp_count": 0,
    "remote_dns_refused_count": 0,
    "remote_dns_other_count": 0,
    "fr_noerror_count": 0,
    "fr_servfail_count": 0,
    "fr_nxdomain_count": 0,
    "fr_formerr_count": 0,
    "fr_notimp_count": 0,
    "fr_refused_count": 0,
    "fr_other_count": 0,
    "edge_api_success": 23,
    "edge_api_total_errors": 0,
    "edge_api_live_errors": 0,
    "csp_api_success": 914,
    "csp_api_total_errors": 0,
    "csp_api_live_errors": 0,
    "dns_cache_hits": 1395,
    "dns_cache_misses": 1,
    "dns_cache_adds": 100
  },
  "config": {
    "cloud_provider": "Azure",
    "edge_enabled": true,
    "edge_ci_url": "https://api-example.edge.bluec.at",
    "edge_api_key": "c123def7-2020-42ab-b987-df12bf34ef05",
    "edge_secret_key": "*** redacted ****",
    "edge_api_key_secret_name": "CRS-EDGE-API-KEY",
    "edge_secret_key_secret_name": "CRS-EDGE-SECRET-KEY",
    "edge_domainlist_id": "5aaf09ab-fabc-98ab-c456-abcf22cd52de1",
    "dns_listen_on": "0.0.0.0:53",
    "configuration_zone": "zonehunter.config.",
    "liveness_port": 8080,
    "readiness_port": 8090,
    "diagnostics_port": 9000,
    "prometheus_port": 9090,
    "prometheus_protobuf": false,
    "max_in_flight_udp": 500,
    "max_in_flight_tcp": 500,
    "in_flight_cache_size": 2500,
    "in_flight_cache_ttl": 15,
    "polling_interval": 60,
    "vault_type": "none",
    "snapshot_path": "/var/lib/bluecat",
    "snapshot_port": 9050,
    "snapshot_autoload": false,
    "fallback_resolver": [
      "10.10.10.6:53"
    ],
    "generate_reverse": true
  },
  "cloud_env": {
    "azure_region": "eastus",
    "azure_tenant_auth": "LocalTenant(https://management.azure.com), LocalTenant(https://vault.azure.net)",
    "azure_vnet": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-cr-rg-1/providers/Microsoft.Network/virtualNetworks/bluecat-cr-rg-1-vnet"
  }
}
Where the parameters represent the following:
  • build—the version and build number of Cloud Resolver.
  • cloud_zones—a list of DNS zones discovered by Cloud Resolver.
  • discovered_zones—displays additional information about each DNS zone discovered, such as the VPC ID, the subscription ID, and the path to the zone.
  • metrics—displays metrics about DNS data that has gone through Cloud Resolver.
    • uptime_sec—the amount of time that Cloud Resolver service has been running, in seconds.
    • discover_success—the number of DNS zones that have been successfully discovered by Cloud Resolver.
    • discover_total_errors—the total number of DNS zone discoveries that have failed.
    • discover_live_errors—the number of DNS zone discoveries that have failed since the last successful DNS zone discovery.
    • snapshot_read_success—the number of snapshots that have been successfully read and restored.
    • snapshot_read_failure—the number of snapshots that have been failed to be read and restored.
    • snapshot_read_skip—the number of snapshots that have been skipped. If the snapshot read is the same as the previous snapshot that was read and restored, the snapshot is skipped.
    • snapshow_write_success—the number of snapshots that have been successfully written by Cloud Resolver.
    • snapshot_write_failures—the number of snapshots that failed by to be written by Cloud Resolver.
    • queries—the number of DNS queries that have been processed and forwarded by Cloud Resolver.
    • udp_count—the number of UDP DNS queries that have been processed and forwarded by Cloud Resolver.
    • tcp_count—the number of TCP DNS queries that have been processed and forwarded by Cloud Resolver.
    • in_udp_in_flight—the number of in-flight incoming UDP DNS queries on Cloud Resolver.
    • in_tcp_in_flight—the number of in-flight incoming TCP DNS queries on Cloud Resolver.
    • out_dns_in_flight—the number of in-flight outgoing DNS queries made to Cloud Resolver's local resolver.
    • out_fr_in_flight—the number of in-flight outgoing DNS queries made to the function resolvers.
    • out_remote_dns_in_flight—the number of in-flight outgoing DNS queries made to the remote DNS resolvers.
    • local_servfail_count—the number of SERVFAIL responses generated by Cloud Resolver.
    • local_nxdomain_count—the number of NXDOMAIN responses generated by Cloud Resolver.
    • local_formerr_count—the number of FORMERR responses generated by Cloud Resolver.
    • local_refused_count—the number of REFUSED responses generated by Cloud Resolver.
    • dns_noerror_count—the number of NOERROR responses received from Cloud Resolver's local resolver.
    • dns_servfail_count—the number of SERVFAIL responses received from Cloud Resolver's local resolver.
    • dns_nxdomain_count—the number of NXDOMAIN responses received from Cloud Resolver's local resolver.
    • dns_formerr_count—the number of FORMERR responses received from Cloud Resolver's local resolver.
    • dns_notimp_count—the number of NOTIMP responses received from Cloud Resolver's local resolver.
    • dns_refused_count—the number of REFUSED responses received from Cloud Resolver's local resolver.
    • dns_other_count—the number of other responses received from Cloud Resolver's local resolver.
    • remote_dns_noerror_count—the number of NOERROR responses received from remote DNS resolvers.
    • remote_dns_servfail_count—the number of SERVFAIL responses received from remote DNS resolvers.
    • remote_dns_nxdomain_count—the number of NXDOMAIN responses received from remote DNS resolvers.
    • remote_dns_formerr_count—the number of FORMERR responses received from remote DNS resolvers.
    • remote_dns_notimp_count—the number of NOTIMP responses received from remote DNS resolvers.
    • remote_dns_refused_count—the number of REFUSED responses received from remote DNS resolvers.
    • remote_dns_other_count—the number of other responses received from remote DNS resolvers.
    • fr_noerror_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NOERROR.
    • fr_servfail_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a SERVFAIL.
    • fr_nxdomain_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NXDOMAIN.
    • fr_formerr_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a FORMERR.
    • fr_notimp_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NOTIMP.
    • fr_refused_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a REFUSED.
    • fr_other_count—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a other responses.
    • edge_api_success—the number successful API calls made from Cloud Resolver to BlueCat Edge.
    • edge_api_total_errors—the total number of errors encountered by Cloud Resolver performing an API call against BlueCat Edge.
    • edge_api_live_errors—the current number of errors encountered by Cloud Resolver performing an API call against BlueCat Edge since the last successful call.
    • csp_api_success—the number successful API calls made from Cloud Resolver to the cloud service provider.
    • csp_api_total_errors—the total number of errors encountered by Cloud Resolver performing an API call against the cloud service provider.
    • csp_api_live_errors—the current number of errors encountered by Cloud Resolver performing an API call against the cloud service provider since the last successful call.
    • dns_cache_hits—the number of DNS query answers served from the cache.
    • dns_cache_misses—the number of DNS queries for which answers were not found in the cache.
    • dns_cache_adds—the number of DNS entries added to the cache.
  • config—displays the Cloud Resolver configuration information.
  • cloud_env—displays information about the cloud environment that Cloud Resolver is pulling the information from.