How To Convert The Output of the dig Command to JSON in Bash

The dig (Domain Information Groper) command is a versatile and widely used tool for performing Domain Name System (DNS) queries from the command line. However, the standard output of the dig command is in text format, which can be difficult to parse and process in programmatic contexts. A more structured format, such as JSON (JavaScript Object Notation), can make the automatic manipulation and parsing of DNS responses much easier, especially in scripting and automation scenarios. In this article, I will show you how to convert the output of a dig DNS query to JSON format using a Bash script.

The latest version of dig (starting with bind 9.11) offers an option to directly output the output in JSON format. Just add the +json option to the end of the command:

dig example.com A +json

This approach is the simplest, as it does not require any manipulation of the text output, just the use of the +json option.

If you are using a version of dig that does not support the +json option, you can still convert the text output to JSON with a little Bash scripting. This can be useful if you are on a system that does not have an up-to-date version of dig.

#!/bin/bash

domain=$1

# Run DNS query with dig
output=$(dig $domain A +short)

# Start building JSON
json_output="{\"domain\": \"$domain\", \"A_records\": ["

# Process each line of output

first=1

while read -r line; do
  if [ $first -eq 1 ]; then
    json_output+="\"$line\""
    first=0
  else
    json_output+=", \"$line\""
  fi
done <<< "$output"

# Close JSON
json_output+="]}"

# Print the result in JSON format
echo $json_output

Code explanation:

1. The script takes as a parameter the domain to query (domain=$1).
2. It runs dig with the +short option to get only the IP addresses without the long format and without the extra details.
3. A basic JSON object is created with an "A_records" field that contains a list of the IP addresses found.
4. It uses a while loop to read the output of dig line by line and populate the list of IP addresses.
5. Finally, it prints the resulting JSON.

If you want to process the output further JSON, you can use the jq command. For example, you can filter the JSON output to return only IP addresses:

dig example.com A +json | jq '.answer[] | select(.type=="A") | .data'

This command will return only the IP addresses contained in the "answer" section of the JSON.

Conclusion

Converting the output of dig to JSON makes it much easier to work with DNS query results programmatically. If you're using a recent version of dig, you can use the +json option to get structured output right away. Alternatively, you can create a Bash script to parse the text output of dig into JSON. With the help of tools like jq, you can manipulate JSON to suit your specific needs.