Control: SOA refresh value should be between 1200 and 43200 seconds (12 minutes to 12 hours)

Description

Number of seconds after which secondary name servers should query the master for the SOA record, to detect zone changes. It is recommended that the value should be between 20 minutes to 12 hours.

Usage

Run the control in your terminal:

powerpipe control run net_insights.control.dns_soa_refresh_value_check

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run net_insights.control.dns_soa_refresh_value_check --share

Steampipe Tables

net_dns_record

Params

Args	Name	Default	Description	Variable
$1	domain_names	`["github.com","microsoft.com"]`	DNS domain names.	domain_names

SQL

select
  domain as resource,
  case
    when refresh < 1200
    or refresh > 43200 then 'alarm'
    else 'ok'
  end as status,
  domain || ' SOA refresh value is ' || refresh || ' second(s).' as reason
from
  net_dns_record
where
  domain in (
    select
      jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
  )
  and type = 'SOA';