Fortinet Document Library

Version:


Table of Contents

1.0.0
Copy Link

About the connector

DNSTools performs an authoritative DNS lookup and provides details about common resource record types for root server, TLD server and Name server, and provides reports on DNS records for a specified domain or hostname.

This document provides information about the DNSTools connector, which facilitates automated interactions, with an DNS server using FortiSOAR™ playbooks. Add the DNSTools connector as a step in FortiSOAR™ playbooks and perform automated operations, such as providing DNS record information and reverse DNS lookup information.

 

Version information

Connector Version: 1.0.0

FortiSOAR™ Version Tested on: 4.11.0-1161

 

Authored By: Fortinet

Certified: Yes

 

 

Installing the connector

For the procedure to install a connector, click here.

 

Important: The DNSTools connector has an additional dependency on the dnspython library. If you are using python 3.4, you must use version 1.15.0 of the dnspython library.

 

Prerequisites to configuring the connector

  • You must have the URL of DNSTools server to which you will connect and perform the automated operations and the API Key to access that server.
  • To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.
  • Install the dnspython library. If you are using python 3.4, you must use version 1.15.0 of the dnspython library.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the DNSTools connector and click Configure to configure the following parameters:

 

Parameter Description
DNS Server Address of the DNS server to which you will connect and perform the automated operations.

 

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
DNS Lookup Retrieves DNS record information from your DNS server based on the Domain or Host and record type you have specified. dns_lookup
Investigation
Reverse DNS Lookup Retrieves Reverse DNS information from your DNS server based on the IP address you have specified. reverse_dns_lookup
Investigation

 

operation: DNS Lookup

Input parameters

 

Parameter Description
Domain / FQDN Domain address or FQDN for which you want to perform a DNS lookup and retrieve DNS record information from your DNS server.
DNS Record Type Type of DNS record for which you retrieve DNS record information from your DNS server.
You can choose from the following options: A, AAAA, CNAME, DNAME, HINFO, MX, NS, SOA, SRV, or TXT.

 

Output

The JSON output contains reverse DNS lookup information retrieved from your DNS server based on the IP address you have specified.

Following image displays a sample output:

 

Sample output of the DNS Lookup operation

 

operation: Reverse DNS Lookup

Input parameters

 

Parameter Description
IP Address IP address to be used to perform the reverse DNS lookup.

 

Output

The JSON output contains the Reverse DNS information retrieved from your DNS serve based on the IP address you have specified.

Following image displays a sample output:

 

Sample output of the Reverse DNS Lookup operation

 

Included playbooks

The Sample - DNSTools - 1.0.0 playbook collection comes bundled with the DNSTools connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the DNSTools connector.

  • DNS Lookup
  • Reverse DNS Lookup

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

DNSTools performs an authoritative DNS lookup and provides details about common resource record types for root server, TLD server and Name server, and provides reports on DNS records for a specified domain or hostname.

This document provides information about the DNSTools connector, which facilitates automated interactions, with an DNS server using FortiSOAR™ playbooks. Add the DNSTools connector as a step in FortiSOAR™ playbooks and perform automated operations, such as providing DNS record information and reverse DNS lookup information.

 

Version information

Connector Version: 1.0.0

FortiSOAR™ Version Tested on: 4.11.0-1161

 

Authored By: Fortinet

Certified: Yes

 

 

Installing the connector

For the procedure to install a connector, click here.

 

Important: The DNSTools connector has an additional dependency on the dnspython library. If you are using python 3.4, you must use version 1.15.0 of the dnspython library.

 

Prerequisites to configuring the connector

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Configuration parameters

In FortiSOAR™, on the Connectors page, select the DNSTools connector and click Configure to configure the following parameters:

 

Parameter Description
DNS Server Address of the DNS server to which you will connect and perform the automated operations.

 

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
DNS Lookup Retrieves DNS record information from your DNS server based on the Domain or Host and record type you have specified. dns_lookup
Investigation
Reverse DNS Lookup Retrieves Reverse DNS information from your DNS server based on the IP address you have specified. reverse_dns_lookup
Investigation

 

operation: DNS Lookup

Input parameters

 

Parameter Description
Domain / FQDN Domain address or FQDN for which you want to perform a DNS lookup and retrieve DNS record information from your DNS server.
DNS Record Type Type of DNS record for which you retrieve DNS record information from your DNS server.
You can choose from the following options: A, AAAA, CNAME, DNAME, HINFO, MX, NS, SOA, SRV, or TXT.

 

Output

The JSON output contains reverse DNS lookup information retrieved from your DNS server based on the IP address you have specified.

Following image displays a sample output:

 

Sample output of the DNS Lookup operation

 

operation: Reverse DNS Lookup

Input parameters

 

Parameter Description
IP Address IP address to be used to perform the reverse DNS lookup.

 

Output

The JSON output contains the Reverse DNS information retrieved from your DNS serve based on the IP address you have specified.

Following image displays a sample output:

 

Sample output of the Reverse DNS Lookup operation

 

Included playbooks

The Sample - DNSTools - 1.0.0 playbook collection comes bundled with the DNSTools connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the DNSTools connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.