Docs » Supported integrations in Splunk Observability Cloud » Configure application receivers for networks » DNS Query Input

DNS Query Input πŸ”—

Caution

Smart Agent monitors are being deprecated. To collect DNS data use the OpenTelemetry Collector and the Telegraf DNS Query Input plugin . See how in Monitor services with Telegraf Input plugins and OpenTelemetry.

You can use the Splunk Distribution of the OpenTelemetry Collector’s Smart Agent receiver with the DNS Query Input monitor type (an embedded form of the Telegraf DNS Query plugin) to collect DNS data.

Benefits πŸ”—

After you configure the integration, you can access these features:

Installation πŸ”—

Follow these steps to deploy this integration:

  1. Deploy the Splunk Distribution of the OpenTelemetry Collector to your host or container platform:

  2. Configure the integration, as described in the Configuration section.

  3. Restart the Splunk Distribution of the OpenTelemetry Collector.

Configuration πŸ”—

To use this integration of a Smart Agent monitor with the Collector:

  1. Include the Smart Agent receiver in your configuration file.

  2. Add the monitor type to the Collector configuration, both in the receiver and pipelines sections.

Example πŸ”—

To activate this integration, add the following to your Collector configuration:

receivers:
  smartagent/dns:
    type: telegraf/dns
    ...  # Additional config

Note

Make sure to include the required servers configuration setting. See the following section, Configuration settings, for more information.

Next, add the monitor to the service.pipelines.metrics.receivers section of your configuration file:

service:
 pipelines:
   metrics:
     receivers: [smartagent/dns]

Configuration settings πŸ”—

The following table shows the configuration options for this integration:

Option

Required

Type

Description

domains

no

list of strings

Domains or subdomains to query. If this is not provided, it is

["."] and RecordType is forced to NS.

network

no

string

Network is the network protocol name. (default: udp)

port

no

integer

DNS server port. (default: 53)

servers

yes

list of strings

Servers to query.

recordType

no

string

Query record type (A, AAAA, CNAME, MX, NS, PTR, TXT, SOA, SPF,

SRV). (default: NS)

timeout

no

int64

Query timeout. Use a duration string that is accepted by

https://golang.org/pkg/time/#ParseDuration. (default: 2s)

Metrics πŸ”—

The following metrics are available for this integration:

Notes πŸ”—

  • To learn more about the available in Splunk Observability Cloud see Metric types

  • In host-based subscription plans, default metrics are those metrics included in host-based subscriptions in Splunk Observability Cloud, such as host, container, or bundled metrics. Custom metrics are not provided by default and might be subject to charges. See Metric categories for more information.

  • In MTS-based subscription plans, all metrics are custom.

  • To add additional metrics, see how to configure extraMetrics in Add additional metrics

Troubleshooting πŸ”—

If you are a Splunk Observability Cloud customer and are not able to see your data in Splunk Observability Cloud, you can get help in the following ways.

Available to Splunk Observability Cloud customers

Available to prospective customers and free trial users

  • Ask a question and get answers through community support at Splunk Answers .

  • Join the Splunk #observability user group Slack channel to communicate with customers, partners, and Splunk employees worldwide. To join, see Chat groups in the Get Started with Splunk Community manual.

This page was last updated on Dec 09, 2024.