Sandbox99 Chronicles

Dig Command Cheat Sheet – Mastering DNS Queries Like a Pro

dig cheatsheet

Written by Jose Mendez

Hi, I’m Jose Mendez, the creator of sandbox99.cc. with a passion for technology and a hands-on approach to learning, I’ve spent more than fifteen years navigating the ever-evolving world of IT.

Cheat Sheet | Linux Tips

dig | DNS | Information Gathering | Linux | network-tools | OSINT | terminal

Published Aug 13, 2025 | Last updated on Aug 13, 2025 at 1:03PM

Follow me on LinkedIn

Reading Time: 2 minutes
Table of Contents show

Introduction

When it comes to DNS troubleshooting and querying DNS records directly from the command line, the dig (Domain Information Groper) command is an essential tool for system administrators, network engineers, and penetration testers.
This cheat sheet provides quick, practical examples so you can retrieve the exact DNS data you need without wading through manuals.

Installation

# Ubuntu/Debian
sudo apt update
sudo apt install dnsutils

# Fedora / Red Hat / CentOS / Rocky Linux / AlmaLinux
sudo dnf install bind-utils

Basic Syntax

dig [@server] [name] [type]
- @server – Optional DNS server to query (e.g., @8.8.8.8).
- name – The domain name (e.g., example.com).
- type – DNS record type (A, AAAA, MX, NS, TXT, etc.).

Common Use Cases

# Lookup an A Record (IPv4)
dig example.com A

# Lookup an AAAA Record (IPv6)
dig example.com AAAA

# Find Mail Servers (MX)
dig example.com MX

# Retrieve Name Servers (NS)
dig example.com NS

# Get TXT Records (SPF, DKIM, etc.)
dig example.com TXT

# Specify a Custom DNS Server
dig @1.1.1.1 example.com A
dig @8.8.8.8 example.com A

# Query All Records (Some DNS servers restrict ANY queries.)
dig example.com ANY

# Perform a Reverse DNS Lookup
dig -x 8.8.8.8

# Check SOA Record
dig example.com SOA

# Trace the DNS Resolution Path
dig +trace example.com

# Short Answer Mode (No Extra Info)
dig +short example.com

# Get Query Time & Stats
dig example.com A +stats

# Suppress All Comments (Clean Output)
dig example.com +noall +answer

# Save Output to a File
dig example.com A > result.txt

Pro Tips

💡 Use +short for scripting – Perfect for automation pipelines.
💡 Combine with grep – Filter only what you need:

dig example.com MX +short | grep mail

💡 Test multiple DNS servers – Quickly compare results across 8.8.8.8, 1.1.1.1, or your local resolver.
💡 DNSSEC Verification – Ensure records are signed:

dig example.com +dnssec

💡 Check Multiple Record Types and Save to File – Great for documentation:

dig example.com A MX NS TXT > dns_report.txt

💡 Minimal Clean Output (Automation Friendly) – Show only the IP:

dig example.com A +noall +answer | awk '{print $5}'

💡 Filter Results with grep – For example, only list IPv4 addresses:

dig example.com A +short | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'

Final Thoughts

The dig command is a Swiss Army knife for DNS lookups. Whether you’re diagnosing connectivity issues, verifying records after a DNS change, or automating checks in scripts, having this cheat sheet on hand will keep your workflow fast and efficient.

Calendar

September 2025
S M T W T F S
 123456
78910111213
14151617181920
21222324252627
282930  

Related Post

How to Add AppImage Applications to the XFCE4 Menu

How to Add AppImage Applications to the XFCE4 Menu

by | Published Aug 25, 2025 | Last updated on Aug 25, 2025 at 7:35AM |

✍️ Brief Introduction Managing applications on Linux can sometimes feel fragmented, especially when dealing with portable packages like AppImage that don’t integrate into the desktop menu by default. Unlike .deb or .rpm packages, AppImages run as standalone...

read more