DNS Monitoring
DNS monitoring checks that your domain resolves correctly and alerts you to failures or unexpected changes — before your users experience them.
What gets checked
| Check | Description |
|---|---|
| Resolution success | Can the hostname be resolved at all? |
| Record value | Does the resolved IP match an expected value? |
| Response time | How fast does DNS resolve? |
| Record type | A, AAAA, CNAME, MX, TXT, NS, PTR |
Creating a DNS monitor
- New Monitor → DNS
- Configure:
type: dns
hostname: mail.yourapp.com
record_type: MX
expected_value: "10 mail.yourapp.com" # Optional: assert the returned value
resolver: "8.8.8.8" # Optional: use specific DNS resolver
timeout: 5000
interval: 300 # seconds
Record types
| Type | Use case | Example expected value |
|---|---|---|
A | IPv4 address | 93.184.216.34 |
AAAA | IPv6 address | 2606:2800:220:1:248:1893:25c8:1946 |
CNAME | Alias | yourdomain.cloudfront.net |
MX | Mail server | 10 mail.yourapp.com |
TXT | Text records (SPF, DKIM) | v=spf1 include:sendgrid.net ~all |
NS | Name servers | ns1.yourapp.com |
Change detection
Even if DNS resolves successfully, you can alert if the value changes unexpectedly:
assert_value_unchanged: true # Alert if the resolved value differs from last check
notify_on_change: true # Always notify when value changes
This is useful for detecting unauthorized DNS changes — a common attack vector.
Alert on high TTL / low TTL
assert:
ttl:
gte: 300 # Alert if TTL < 300 (too low = high DNS load)
lte: 86400 # Alert if TTL > 86400 (too high = slow propagation)
Use cases
- Email deliverability — Monitor MX and SPF records
- CDN routing — Ensure CNAME points to the right CDN endpoint
- DDoS protection — Verify Cloudflare or Akamai records are active
- Change detection — Alert on any unauthorized DNS modification
- Propagation monitoring — Check DNS from multiple regions after a change