Qodex.ai

Domain Expiry Monitor

Number of APIs: 4

What does this collection do?

This collection checks for the expiry of domains registered by an organisation. It is designed to be set up as a Qodex Monitor to periodically check the expiry date of all the domain names.

If the expiry date is found to be less than 30 days, collection triggers an alert to a pre-specified Slack channel.

In this collection, we retrieve the list of domains from the AWS Route53. But feel free to update the requests to change the source if your organization use a different service provider.

How does this collection works?

  • The domain names are retrieved from AWS route53.
  • We use the RDAP API endpoint (https://www.icann.org/rdap) to retrieve domain registration data. We use this data to find the domain expiry date.
  • An alert is triggered on a user-configured slack channel if a domain expiration date is less than 30 days.

Note
RDAP API may return 404 for few domains because, there are some top-level domains (Like .io, .tech, .co) that are not supporting RDAP, although ICANN is actively enforcing it. The slack alert will have a list of domain names that received 404 from RDAP API. You can either check the domain expiry manually or use a lambda function that utilises whois API to validate the failed domains.

Setup

Configure the Qodex Environment

Review the provided Domain checker Qodex Environment. - Slack webhook URL: Add a slack webhook URL of your workspace - minimum_days: Default value is 30. Triggers alert on slack if the expiration date is less than 30 days. - awsaccesskey: {{Your AWS Access Key}} - awssecretkey: {{Your AWS Secret Key}} - aws_region: {{AWS region}}

Create the Qodex Monitor

  1. On the imported Domain Checker Qodex Collection, go into the Collection menu and select Monitor Collection. See [Creating a Monitor] for more help.

  2. The Monitor run frequency you select will determine how often the collection runs. Once-daily is likely fine to begin within.

  3. Select Show additional preferences and set the Request delay to 1000ms. This is necessary such that we don't get rate limited against the Qodex API.

  4. You can now hit Create and the monitor will execute on the frequency you selected.

Viewing Results

  1. Our [existing documentation] covers how to view the results of a monitor.
  2. At the end of each run, you'll receive a Slack alert for a domain whose expiry date is less than 30 days. Alert notification
  3. After each successful collection run, you'll receive the following message
    Success notification
  4. If RDAP API failed to validate any domain, the following warning alert will be sent to slack. warn notification

  1. Fetch hosted zones GET https://route53.amazonaws.com/2013-04-01/hostedzone?maxitems={{max_items}}

  2. fetch paginated hosted zones GET https://route53.amazonaws.com/2013-04-01/hostedzone?maxitems={{max_items}}&marker={{nextMarker}}

  3. check domain validity GET {{rdap_url}}{{domain}}

  4. Post to slack - Success POST {{slack_webhook_url}}