DNS
Version: 3.1.1
Delivers various actions related to DNS.
Connect DNS with LogicHub
- Navigate to Automations > Integrations.
- Search for DNS.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- DNS Server: DNS Server to query the nameserver for the IP address of the given HOST. This value will get over-written with DNS Server if DNS Server is present in actions.
- After you've entered all the details, click Connect.
Actions for DNS
Dig
Dig is a network administration command-line tool for querying Domain Name System (DNS) servers.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | Select the name of the column from parent table to lookup value for. | Required |
| DNS Server | Jinja-templated DNS Server to query the nameserver for the IP address of the given HOST. This value will override the default value of DNS Server set at connection level. | Optional |
Output
A JSON object containing multiple rows of result:
- result: The suspicious activity of the IP address.
{
"ip": [
"162.210.196.173"
],
"record_list": [
"A"
],
"query": "ad.getfond.info"
}
NS Lookup
Query the nameserver for the IP address of the given HOST optionally using a specified DNS server.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Lookup For | Select the name of the column from parent table to lookup value for. | Optional |
| DNS Server | Jinja-templated DNS Server to query the nameserver for the IP address of the given HOST. This value will override the default value of DNS Server set at connection level. | Optional |
Output
A JSON object containing multiple rows of result:
{
"lookup": "125.227.70.80",
"dns_address": "125-227-70-80.HINET-IP.hinet.net"
}
Whois
A tool for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | Select the name of the column from parent table to lookup value for. | Required |
| DNS Server | Jinja-templated DNS Server to query the nameserver for the IP address of the given HOST. This value will override the default value of DNS Server set at connection level. | Optional |
Output
A JSON object containing multiple rows of result:
{
"start_ip": "['223.72.0.0', '223.64.0.0']",
"end_ip": "['223.72.0.0', '223.117.255.255']",
"data": {
"nir": null,
"asn_registry": "apnic",
"asn": "56048",
"asn_cidr": "223.72.0.0/16",
"asn_country_code": "CN",
"asn_date": "2010-07-01",
"asn_description": "CMNET-BEIJING-AP China Mobile Communicaitons Corporation, CN",
"query": "223.72.63.57",
"network": {
"handle": "223.64.0.0 - 223.117.255.255",
"status": null,
"remarks": [
{
"title": "description",
"description": "China Mobile Communications Corporation\nMobile Communications Network Operator in China\nInternet Service Provider in China",
"links": null
},
{
"title": "remarks",
"description": "service provider\n--------------------------------------------------------\nTo report network abuse, please contact mnt-irt\nFor troubleshooting, please contact tech-c and admin-c\nReport invalid contact via www.apnic.net/invalidcontact\n--------------------------------------------------------",
"links": null
}
],
"notices": [
{
"title": "Source",
"description": "Objects returned came from source\nAPNIC",
"links": null
},
{
"title": "Terms and Conditions",
"description": "This is the APNIC WHOIS Database query service. The objects are in RDAP format.",
"links": [
"http://www.apnic.net/db/dbcopyright.html"
]
}
],
"links": [
"http://rdap.apnic.net/ip/223.64.0.0/10"
],
"events": [
{
"action": "last changed",
"timestamp": "2020-07-15T13:10:01Z",
"actor": null
}
],
"raw": null,
"start_address": "223.64.0.0",
"end_address": "223.117.255.255",
"cidr": "223.64.0.0/11, 223.96.0.0/12, 223.112.0.0/14, 223.116.0.0/15",
"ip_version": "v4",
"type": "ALLOCATED PORTABLE",
"name": "CMNET",
"country": "CN",
"parent_handle": null
},
"entities": [
"IRT-CHINAMOBILE-CN",
"HL1318-AP"
],
"objects": {
"IRT-CHINAMOBILE-CN": {
"handle": "IRT-CHINAMOBILE-CN",
"status": null,
"remarks": [
{
"title": "remarks",
"description": "[email protected] was validated on 2020-07-16",
"links": null
}
],
"notices": null,
"links": [
"http://rdap.apnic.net/entity/IRT-CHINAMOBILE-CN"
],
"events": [
{
"action": "last changed",
"timestamp": "2020-07-16T05:55:01Z",
"actor": null
}
],
"raw": null,
"roles": [
"abuse"
],
"contact": {
"name": "IRT-CHINAMOBILE-CN",
"kind": "group",
"address": [
{
"type": null,
"value": "China Mobile Communications Corporation\n29, Jinrong Ave., Xicheng District, Beijing, 100032"
}
],
"phone": null,
"email": [
{
"type": null,
"value": "[email protected]"
},
{
"type": null,
"value": "[email protected]"
}
],
"role": null,
"title": null
},
"events_actor": null,
"entities": null
},
"HL1318-AP": {
"handle": "HL1318-AP",
"status": null,
"remarks": null,
"notices": null,
"links": [
"http://rdap.apnic.net/entity/HL1318-AP"
],
"events": [
{
"action": "last changed",
"timestamp": "2016-11-29T09:38:38Z",
"actor": null
}
],
"raw": null,
"roles": [
"technical",
"administrative"
],
"contact": {
"name": "haijun li",
"kind": "individual",
"address": [
{
"type": null,
"value": "29,Jinrong Ave, Xicheng district,beijing,100032"
}
],
"phone": [
{
"type": "voice",
"value": "+86 1052686688"
},
{
"type": "fax",
"value": "+86 10 52616187"
}
],
"email": [
{
"type": null,
"value": "[email protected]"
},
{
"type": null,
"value": "[email protected]"
}
],
"role": null,
"title": null
},
"events_actor": null,
"entities": null
}
},
"raw": null
},
"ipaddress": "223.72.63.57"
}
whois (hostname)
WHOIS is a public database that houses the information collected when someone registers a domain name or updates their DNS settings.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Domain or IP | Jinja-templated text containing the Domain or IP. | Required |
Output
JSON containing the following items:
{
"whois_server":"whois.godaddy.com",
"registrant_postal_code":null,
"expiration_date":"2030-03-31 18:05:17",
"city":null,
"name_servers":[
"NS53.DOMAINCONTROL.COM",
"NS54.DOMAINCONTROL.COM"
],
"name":null,
"referral_url":null,
"state":null,
"dnssec":"unsigned",
"domain_name":"LOGICHUB.COM",
"country":null,
"updated_date":"2023-01-25 14:34:17",
"creation_date":"2010-03-31 18:05:17",
"has_error":false,
"registrar":"GoDaddy.com, LLC",
"error":null,
"status":[
"clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
"clientRenewProhibited https://icann.org/epp#clientRenewProhibited",
"clientTransferProhibited https://icann.org/epp#clientTransferProhibited",
"clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited"
],
"address":null,
"org":null,
"emails":"[email protected]"
}
Release Notes
v3.1.1- Added 1 new action:whois (hostname).v3.0.0- Updated architecture to support IO via filesystemv2.0.19- Added optional input DNS server field at connection level and in all three actions.v2.0.17- Added documentation link in the automation library.v2.0.14- Removed optional DNS server field and changed the Lable name to "Lookup For" for nslookup.v2.0.12- Changed name of "Column name" to "DNS Server" at nslookup's action level.v2.0.11- Added optional input DNS server field at connection level and nslookup's action level.
Updated about 1 year ago