You can use the Cloud Resolver diagnostics endpoint to see information about the DNS zones discovered in your environment and statistics about the DNS queries that are processed through Cloud Resolver.
By default, the diagnostics endpoint can be access through the following URL:
http://<cloud_resolver_id_or_hostname>:9000
The following displays example content of the diagnostics
endpoint:
{
"build": "cloud_resolver 1.7.2 (unknown, release build, linux [x86_64-gnu], Tue, 15 Aug 2023 18:23:27 +0000)",
"cloud_zones": [
"a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
"cloud.acme.corp."
],
"cloud_resolver": {
"discovered_zones": [
{
"vpc_id": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-cr-rg-1/providers/Microsoft.Network/virtualNetworks/bluecat-cr-rg-1-vnet",
"name": "cloud.acme.corp.",
"zone_id": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-rg-ig-1/providers/Microsoft.Network/privateDnsZones/cloud.acme.corp",
"zone_path": "Resolver"
},
{
"vpc_id": "/cloud_resolver/autogenerated",
"name": "a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
"zone_id": "/cloud_resolver/a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.",
"zone_path": "CrsDynamic(\"a.c.e.d.b.a.c.0.e.c.a.0.ip6.arpa.\")"
}
],
"discovered_zones_count": 2,
"digest": "258f9aacea946c2dc433984df13998b3dcc3784584ab674e43be77b3947b4d20",
"last_update": 1696012374
},
"metrics": {
"uptime_sec": 1498,
"discover_success": 24,
"discover_total_errors": 0,
"discover_live_errors": 0,
"snapshot_read_success": 15,
"snapshot_read_failure": 0,
"snapshot_read_skip": 5,
"snapshot_write_success": 0,
"snapshow_write_failure": 0,
"queries": 1495,
"udp_count": 1495,
"tcp_count": 0,
"in_udp_in_flight": 0,
"in_tcp_in_flight": 0,
"out_dns_in_flight": 0,
"out_fr_in_flight": 0,
"out_remote_dns_in_flight": 0,
"local_servfail_count": 0,
"local_nxdomain_count": 15,
"local_formerr_count": 0,
"local_refused_count": 0,
"dns_noerror_count": 0,
"dns_servfail_count": 0,
"dns_nxdomain_count": 0,
"dns_formerr_count": 0,
"dns_notimp_count": 0,
"dns_refused_count": 0,
"dns_other_count": 0,
"remote_dns_noerror_count": 99,
"remote_dns_servfail_count": 0,
"remote_dns_nxdomain_count": 0,
"remote_dns_formerr_count": 0,
"remote_dns_notimp_count": 0,
"remote_dns_refused_count": 0,
"remote_dns_other_count": 0,
"fr_noerror_count": 0,
"fr_servfail_count": 0,
"fr_nxdomain_count": 0,
"fr_formerr_count": 0,
"fr_notimp_count": 0,
"fr_refused_count": 0,
"fr_other_count": 0,
"edge_api_success": 23,
"edge_api_total_errors": 0,
"edge_api_live_errors": 0,
"csp_api_success": 914,
"csp_api_total_errors": 0,
"csp_api_live_errors": 0,
"dns_cache_hits": 1395,
"dns_cache_misses": 1,
"dns_cache_adds": 100
},
"config": {
"cloud_provider": "Azure",
"edge_enabled": true,
"edge_ci_url": "https://api-example.edge.bluec.at",
"edge_api_key": "c123def7-2020-42ab-b987-df12bf34ef05",
"edge_secret_key": "*** redacted ****",
"edge_api_key_secret_name": "CRS-EDGE-API-KEY",
"edge_secret_key_secret_name": "CRS-EDGE-SECRET-KEY",
"edge_domainlist_id": "5aaf09ab-fabc-98ab-c456-abcf22cd52de1",
"dns_listen_on": "0.0.0.0:53",
"configuration_zone": "zonehunter.config.",
"liveness_port": 8080,
"readiness_port": 8090,
"diagnostics_port": 9000,
"prometheus_port": 9090,
"prometheus_protobuf": false,
"max_in_flight_udp": 500,
"max_in_flight_tcp": 500,
"in_flight_cache_size": 2500,
"in_flight_cache_ttl": 15,
"polling_interval": 60,
"vault_type": "none",
"snapshot_path": "/var/lib/bluecat",
"snapshot_port": 9050,
"snapshot_autoload": false,
"fallback_resolver": [
"10.10.10.6:53"
],
"generate_reverse": true
},
"cloud_env": {
"azure_region": "eastus",
"azure_tenant_auth": "LocalTenant(https://management.azure.com), LocalTenant(https://vault.azure.net)",
"azure_vnet": "/subscriptions/abcdef12-98fe-6789-c321-aaabbbcccfff/resourceGroups/bluecat-cr-rg-1/providers/Microsoft.Network/virtualNetworks/bluecat-cr-rg-1-vnet"
}
}
Where the parameters represent the following:
build
—the version and build number of Cloud Resolver.cloud_zones
—a list of DNS zones discovered by Cloud Resolver.discovered_zones
—displays additional information about each DNS zone discovered, such as the VPC ID, the subscription ID, and the path to the zone.discovered_zones_count
—displays the count of the number of DNS zones discovered.digest
—a SHA256 hash of the Cloud Resolver data. This is used by Cloud Resolver internally for version management. You can use this value to determine if multiple Cloud Resolver instances in the same cloud region contain the same data set.last_update
—the timestamp of the last successful discovery of cloud DNS data.Note: When Cloud Resolver is configured in Auth mode, the Serial Number of any zone that Cloud Resolver serves as Authoritative is the timestamp of the last successful discovery of cloud DNS data.metrics
—displays metrics about DNS data that has gone through Cloud Resolver.uptime_sec
—the amount of time that Cloud Resolver service has been running, in seconds.discover_success
—the number of DNS zones that have been successfully discovered by Cloud Resolver.discover_total_errors
—the total number of DNS zone discoveries that have failed.discover_live_errors
—the number of DNS zone discoveries that have failed since the last successful DNS zone discovery.snapshot_read_success
—the number of snapshots that have been successfully read and restored.snapshot_read_failure
—the number of snapshots that have been failed to be read and restored.snapshot_read_skip
—the number of snapshots that have been skipped. If the snapshot read is the same as the previous snapshot that was read and restored, the snapshot is skipped.snapshow_write_success
—the number of snapshots that have been successfully written by Cloud Resolver.snapshot_write_failures
—the number of snapshots that failed by to be written by Cloud Resolver.queries
—the number of DNS queries that have been processed and forwarded by Cloud Resolver.udp_count
—the number of UDP DNS queries that have been processed and forwarded by Cloud Resolver.tcp_count
—the number of TCP DNS queries that have been processed and forwarded by Cloud Resolver.in_udp_in_flight
—the number of in-flight incoming UDP DNS queries on Cloud Resolver.in_tcp_in_flight
—the number of in-flight incoming TCP DNS queries on Cloud Resolver.out_dns_in_flight
—the number of in-flight outgoing DNS queries made to Cloud Resolver's local resolver.out_fr_in_flight
—the number of in-flight outgoing DNS queries made to the function resolvers.out_remote_dns_in_flight
—the number of in-flight outgoing DNS queries made to the remote DNS resolvers.local_servfail_count
—the number of SERVFAIL responses generated by Cloud Resolver.local_nxdomain_count
—the number of NXDOMAIN responses generated by Cloud Resolver.local_formerr_count
—the number of FORMERR responses generated by Cloud Resolver.local_refused_count
—the number of REFUSED responses generated by Cloud Resolver.dns_noerror_count
—the number of NOERROR responses received from Cloud Resolver's local resolver.dns_servfail_count
—the number of SERVFAIL responses received from Cloud Resolver's local resolver.dns_nxdomain_count
—the number of NXDOMAIN responses received from Cloud Resolver's local resolver.dns_formerr_count
—the number of FORMERR responses received from Cloud Resolver's local resolver.dns_notimp_count
—the number of NOTIMP responses received from Cloud Resolver's local resolver.dns_refused_count
—the number of REFUSED responses received from Cloud Resolver's local resolver.dns_other_count
—the number of other responses received from Cloud Resolver's local resolver.remote_dns_noerror_count
—the number of NOERROR responses received from remote DNS resolvers.remote_dns_servfail_count
—the number of SERVFAIL responses received from remote DNS resolvers.remote_dns_nxdomain_count
—the number of NXDOMAIN responses received from remote DNS resolvers.remote_dns_formerr_count
—the number of FORMERR responses received from remote DNS resolvers.remote_dns_notimp_count
—the number of NOTIMP responses received from remote DNS resolvers.remote_dns_refused_count
—the number of REFUSED responses received from remote DNS resolvers.remote_dns_other_count
—the number of other responses received from remote DNS resolvers.fr_noerror_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NOERROR.fr_servfail_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a SERVFAIL.fr_nxdomain_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NXDOMAIN.fr_formerr_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a FORMERR.fr_notimp_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a NOTIMP.fr_refused_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a REFUSED.fr_other_count
—the number of DNS queries that have been processed by the fallback Cloud Resolver instance that resulted in a other responses.edge_api_success
—the number successful API calls made from Cloud Resolver to BlueCat Edge.edge_api_total_errors
—the total number of errors encountered by Cloud Resolver performing an API call against BlueCat Edge.edge_api_live_errors
—the current number of errors encountered by Cloud Resolver performing an API call against BlueCat Edge since the last successful call.csp_api_success
—the number successful API calls made from Cloud Resolver to the cloud service provider.csp_api_total_errors
—the total number of errors encountered by Cloud Resolver performing an API call against the cloud service provider.csp_api_live_errors
—the current number of errors encountered by Cloud Resolver performing an API call against the cloud service provider since the last successful call.dns_cache_hits
—the number of DNS query answers served from the cache.dns_cache_misses
—the number of DNS queries for which answers were not found in the cache.dns_cache_adds
—the number of DNS entries added to the cache.
config
—displays the Cloud Resolver configuration information.cloud_env
—displays information about the cloud environment that Cloud Resolver is pulling the information from.