Discovery: "Include domain name in host name" doesn't seem to work reliably when DNS reverse lookups multiple IP addresses
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-27-2020 11:12 AM
It's very important to us that the FQDN is used as the "name" for our CIs. For our purposes, the best source for hostnames in our environment is by far DNS, so trusting other sources such as SSH or WMI will not help.
Setting the value of the "Include domain name in host name" sys_property [glide.discovery.hostname.include_domain] to "true" works most of the time, but we keep getting outliers where only the first part of the hostname is used.
I've noticed that the failures are for devices where the DNS probe brings back results for multiple IP addresses.
Example:
<results probe_time="141" result_code="0">
<result ip_address="XXX.XX.XX.01" result="resolved">
<name>blahblah.mydomain.com</name>
</result>
<result ip_address="XXX.XX.XX.02" result="unresolved">
<name/>
</result>
<result ip_address="XXX.XX.XX.03" result="unresolved">
<name/>
</result>
</results>
In this case, the name of the CI would be "blahblah." This is true even if "XXX.XX.XX.01" is set as the "IP Address" for the CI.
It is populating "blahblah.mydomain.com" in the "Fully qualified domain name" field, so it's not like it can't understand it. It's just not ending up in the main "Name" field.
Is there any way to change this behavior and tell it that if one of many reverse lookups is successful, then to use that result as the name?
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2020 01:22 PM
Unfortunately, we have not yet solved for this. It only applies to a relative handful of devices in our environment.
I believe our most recent idea was to exclude any of the "extraneous" IP addresses from the discovery schedules, on a case-by-case basis. Obviously, not a solution that would scale well if it applied to many devices.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2020 11:24 PM
Hello
Yes there is not so many devices concerned by this issue, fortunately! 😉
We are thinking about an "alerting" system based on business rule (or whatever else) to trigger an incident ticket if a host changes its name more than 2 times during 2 discovery schedule execution.
But we not yet found a way to identify this kind or change done over a long lapse of time . Our schedules run once per day.
Any idea is welcome 😉