How to Make dig Command Show Only DNS Query Answers (Suppressing Extra Output)


12 views

When working with DNS queries using the dig command, the default output includes extensive information that often isn't needed for scripting or quick checks:

;; <<>> DiG 9.7.3 <<>> google.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.de.                     IN      A

;; ANSWER SECTION:
google.de.              208     IN      A       173.194.69.94

;; Query time: 0 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Sun Sep 23 10:02:34 2012
;; MSG SIZE  rcvd: 43

The most effective combination of flags to get clean output is:

dig +noall +answer google.de

This produces:

google.de.              145     IN      A       173.194.69.94

To completely eliminate the global options line, add +nocmd:

dig +nocmd +noall +answer google.de

Now you get perfectly clean output:

google.de.              145     IN      A       173.194.69.94

This is particularly useful when:

  • Parsing DNS results in scripts
  • Creating monitoring tools
  • Building automated DNS verification systems

Example script usage:

#!/bin/bash
IP=$(dig +short example.com)
if [ "$IP" = "93.184.216.34" ]; then
    echo "DNS resolution correct"
else
    echo "DNS resolution failed"
fi

Combine with other flags for specific needs:

# Get only the IP address
dig +short google.com

# Query specific DNS server
dig @8.8.8.8 +noall +answer google.com

# Get MX records
dig +noall +answer google.com MX

# Get TXT records
dig +noall +answer google.com TXT

For the absolute minimal output (just IP addresses):

dig +short google.com

Output:

172.217.169.46

When working with DNS queries, the dig command provides comprehensive output by default. However, this often includes excessive information that clutters the output when you only need the answer section:

;; <<>> DiG 9.7.3 <<>> google.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.de.                     IN      A

;; ANSWER SECTION:
google.de.              208     IN      A       173.194.69.94

;; Query time: 0 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Sun Sep 23 10:02:34 2012
;; MSG SIZE  rcvd: 43

The most common approach is using +noall +answer flags:

dig google.de +noall +answer

Which produces:

;; global options: +cmd
google.de.              145     IN      A       173.194.69.94

To remove ALL extra output including the global options line, combine with +nocmd:

dig google.de +nocmd +noall +answer

Output:

google.de.              145     IN      A       173.194.69.94

For different DNS record types:

# MX records
dig example.com MX +nocmd +noall +answer

# TXT records
dig google.com TXT +nocmd +noall +answer

# Multiple queries in one line
for domain in google.com example.net; do dig $domain +nocmd +noall +answer; done

When you need to process the output further:

# Extract just IP addresses
dig google.com +nocmd +noall +answer | awk '{print $5}'

# Count number of answers
dig google.com +nocmd +noall +answer | wc -l

Add this to your ~/.bashrc for quick access:

alias digs='dig +nocmd +noall +answer'

Then simply use:

digs google.com