monitoring/rules/dns.yaml

groups:
  - name: dns
    rules:
    - alert: NsMismatch
      for: 5m
      expr:
        count by (Name, Target, host, job) (dns_lg_answer_section_rr_info{Type="NS"}) != on (Name) group_left count by (Name) (group by (instance, Name) (dns_lg_answer_section_rr_info{Type="NS"}))
      labels:
        severity: critical
      annotations:
        summary: NS not found in all name severs
        description: The NS {{ $labels.Target }} has not been found on all name servers of zone {{ $labels.Name }}

    - alert: SerialMismatch
      for: 5m
      expr:
        count by (Name, host, job) (group by(Name, Serial) (dns_lg_answer_section_rr_info{Type="SOA"})) > 1
      labels:
        severity: critical
      annotations:
        summary: Serial out of sync
        description: Name servers for zone {{ $labels.Name }} are serving {{ $value }} different values of the serial