turbot/net_insights

GitHub
Loading controls...

Control: SOA minimum TTL value should be between 600 and 86400 seconds (10 minutes to 24 hours)

Description

Time To Live (TTL) is the sort of expiration date that is put on a DNS record. The TTL serves to tell the recursive server or local resolver how long it should keep said record in its cache. The longer the TTL, the longer the resolver holds that information in its cache. It is recommended that the value should be between 10 minutes and 24 hours.

Usage

Run the control in your terminal:

steampipe check net_insights.control.dns_soa_minimum_value_check

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.control.dns_soa_minimum_value_check

Plugins & Tables

Params

ArgsNameDefaultDescriptionVariable
$1domain_names
["github.com","microsoft.com"]
DNS domain names.

SQL

select
domain as resource,
case
when minimum < 600
or minimum > 86400 then 'alarm'
else 'ok'
end as status,
domain || ' SOA minimum TTL value is ' || minimum || ' second(s).' as reason
from
net_dns_record
where
domain in (
select
jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
)
and type = 'SOA';