On Dec 17, 2012, at 8:30 AM, Jakob Schlyter wrote: > On 17 dec 2012, at 03:20, Peter Olsson <[email protected]> wrote: > >> * Run from cron >> >> * Preferably written in python, perl, C or bash script >> >> * I want the tool to check, at least, that the DNSSEC >> zone and its keys and signatures are working and valid >> from the Internet point of view, and that there are no >> keys expiring in less than X days > > validns, https://github.com/tobez/validns, is nice (although does not check > signature lifetime deltas, perhaps this could be added?) > > For NAGIOS you also have https://github.com/dotse/dnssec-monitor from the > merry people at .SE.
We have been using OpenDNSSECs own monitoring plugin successfully for about one year or so… http://svn.opendnssec.org/trunk/monitor/ The drawback (or advantage, depending how you see it) is that it requires Ruby! (But we're probably going to migrate over to validns soon, since the auditor is being phased out…) /P _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
