How to monitor

How to monitor DNS

DNS problems take everything down and are easy to miss. Here's how to monitor DNS resolution, record changes and propagation so you catch failures before your users do.

StatusCat2 min read

DNS is the phone book of the internet, and when it fails, nothing else matters — your servers can be perfectly healthy while your domain simply doesn't resolve. DNS problems are also easy to miss, because a plain website check might still pass from a cached resolver while others fail.

Here's how to monitor DNS properly.

What can go wrong with DNS

  • A record deleted or changed — a bad edit points your domain at the wrong place (or nowhere).
  • Provider outage — your DNS host goes down and resolution fails globally.
  • Expired domain — registration lapses and every record disappears.
  • Propagation issues — a change hasn't propagated, so some users can't reach you.
  • Hijacked or wrong records — a CNAME or MX pointing somewhere it shouldn't.

What to monitor

  1. Resolution — does your domain resolve at all? A DNS check confirms the record returns a value.
  2. Expected value — does the A/AAAA/CNAME record still point where it should? Alert if it changes unexpectedly.
  3. MX records — if you send or receive email, monitor that your MX records are intact; a missing MX silently breaks mail.
  4. Domain expiry — monitor registration expiry so the domain never lapses (this is separate from the SSL certificate — see SSL expiry).

Set it up in StatusCat

  1. Create a DNS monitor for your domain and the record type you care about (A, AAAA, CNAME, MX, TXT).
  2. Set the expected value where it matters, so an unexpected change alerts you — not just a total failure.
  3. Pair it with an HTTP check on the same domain, so you can tell "DNS broke" apart from "the server is down."
  4. Monitor domain and SSL expiry on the same host so no renewal ever catches you out.
  5. Wire alerts to a channel your team reads; DNS issues are urgent because they take everything down.

The bigger picture

DNS, domain expiry, and SSL expiry are the three "silent catastrophes" — rare, but each takes your whole site offline instantly. Monitoring all three is cheap insurance. StatusCat covers DNS, SSL, domain expiry, HTTP, TCP, keyword and heartbeat checks together, free for 50 monitors. If you're new to this, start with what uptime monitoring is.

Frequently asked questions

Why monitor DNS separately from my website?
Because DNS fails independently. A record can be deleted, changed by mistake, or a provider can have an outage — and suddenly your domain doesn't resolve even though your servers are fine. A DNS check catches that specific failure directly.
Can I get alerted if a DNS record changes?
Yes. A DNS monitor can check that a record still resolves to the expected value, so an unexpected change — a wrong A record, a hijacked CNAME, a missing MX — trips an alert.
How often does DNS need checking?
Every few minutes is plenty. DNS doesn't change often, so the goal is to catch the rare-but-catastrophic change or outage quickly, not to poll aggressively.

Keep reading