Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

CNAME in Shared Record Group

New Member
Posts: 2
3617     0

CNAME's are supported in Shared Record Groups. The DIW does not support importing them. Is it possible to import them using CSV? If so, does anyone have an example of the CSV format?

 

Is there perhaps a WAPI call to insert CNAME records into a SRG?

 

Thank you,

Terence

Re: CNAME in Shared Record Group

Adviser
Posts: 11
3617     0

As of NIOS 8.4.4, WAPI support for Shared Record Groups is still pretty limited. You can create them and associate them with zones, but only if the zone is unique across DNS views. It throws an error if you have, for example, an internal and external view with the same zone name. You also can't add records to them as far as I can tell. There's not even a field that lists the associated records.

 

A shared CNAME record can be queried via "record:cname" just like any other CNAME record and it has a "shared_record_group" field. But that field can't be modified or searched against. So to find all the CNAME records associated with a particular SRG, you'd have to query all CNAME records and then filter by the "shared_record_group" field on the client side.

 

The WAPI docs also mention that the sharedrecordgroup object doesn't support CSV export which implies to me that it doesn't support CSV import either.

 

You may be out of luck at the moment.

Re: CNAME in Shared Record Group

New Member
Posts: 1
3617     0

Hi,

 

I was just wondering if there was any update on retrieving shared CNAMEs and A records, without filterting, perhaps in versions after 8.4.4?

WAPI docs say sharedrecord:cname and sharedrecord:a should be searchable by name, but always return empty objects.

Re: CNAME in Shared Record Group

Adviser
Posts: 11
3617     0

I didn't notice any WAPI related changes to shared records or shared record groups in the NIOS 8.5 release notes. I don't have an 8.5 install to actually test yet though.

 

When the docs reference searching by name, they're talking about the name of the record, not the name of the record group. However, keep in mind the name you're searching against won't be fully qualified. So if you're searching for a shared record for "www.example.com", it's actually called just "www" and the record group is associated with the "example.com" zone. So your name filter would be "name=www".

Showing results for 
Search instead for 
Did you mean: 

Recommended for You