Use this plugin with Nagios to be notified when a domain is about to expire. You can download the source.
When called, the plugin spawns a whois query for the domain to be tested. It then parses the output for expiration times and registrar.
The plugin returns a "warning" when the domain expires in less than one month. It returns "critical" when the domain expires in less than one week.
Since Nagios normally monitors "hosts," instead of "zones" (or domains), we have to to trick it just a little bit. For example, create a pseudo-host with the name of the zone. Since you might already have a host named after the zone, prefix the host name with "zone":
define host { name dns-zone hostgroups dns-zones ... register 0 } define host { use dns-zone host_name zone.example.com alias ZONE example.com }
Next, define a command and service:
define command { command_name check-whois command_line /usr/local/libexec/nagios-local/check_whois $HOSTADDRESS$ } define service { name whois-service servicegroups whois-service-group service_description WHOIS check_command check-whois ... register 0 } define service { use whois-service host_name zone.example.com }
Note that the check_whois script will receive zone.example.com as the argument. The script strips off the leading "zone." from this argument.
The plugin may not yet work with all registrars, since their output formats differ. If you pass the -x option to the script, it won't complain about not finding registrar or expiration data. Please notify us if you find an example where the whois data is not correctly parsed.
You can use the -s string option to make it complain if it does not find "string" in the whois output. This might be useful, for example, to make sure that your primary name server is always listed (i.e., check for domain hijacking).
The .ORG whois server is known to rate limit queries.
You may exceed this limit when Nagios first starts up,
resulting in bogus alerts.
© 2020 The Measurement Factory.