How to Make dig Command Show Only DNS Query Answers (Suppressing Extra Output)


2 views

When working with DNS queries using the dig command, the default output includes extensive information that often isn't needed for scripting or quick checks:

;; <<>> DiG 9.7.3 <<>> google.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.de.                     IN      A

;; ANSWER SECTION:
google.de.              208     IN      A       173.194.69.94

;; Query time: 0 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Sun Sep 23 10:02:34 2012
;; MSG SIZE  rcvd: 43

The most effective combination of flags to get clean output is:

dig +noall +answer google.de

This produces:

google.de.              145     IN      A       173.194.69.94

To completely eliminate the global options line, add +nocmd:

dig +nocmd +noall +answer google.de

Now you get perfectly clean output:

google.de.              145     IN      A       173.194.69.94

This is particularly useful when:

  • Parsing DNS results in scripts
  • Creating monitoring tools
  • Building automated DNS verification systems

Example script usage:

#!/bin/bash
IP=$(dig +short example.com)
if [ "$IP" = "93.184.216.34" ]; then
    echo "DNS resolution correct"
else
    echo "DNS resolution failed"
fi

Combine with other flags for specific needs:

# Get only the IP address
dig +short google.com

# Query specific DNS server
dig @8.8.8.8 +noall +answer google.com

# Get MX records
dig +noall +answer google.com MX

# Get TXT records
dig +noall +answer google.com TXT

For the absolute minimal output (just IP addresses):

dig +short google.com

Output:

172.217.169.46

When working with DNS queries, the dig command provides comprehensive output by default. However, this often includes excessive information that clutters the output when you only need the answer section:

;; <<>> DiG 9.7.3 <<>> google.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.de.                     IN      A

;; ANSWER SECTION:
google.de.              208     IN      A       173.194.69.94

;; Query time: 0 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Sun Sep 23 10:02:34 2012
;; MSG SIZE  rcvd: 43

The most common approach is using +noall +answer flags:

dig google.de +noall +answer

Which produces:

;; global options: +cmd
google.de.              145     IN      A       173.194.69.94

To remove ALL extra output including the global options line, combine with +nocmd:

dig google.de +nocmd +noall +answer

Output:

google.de.              145     IN      A       173.194.69.94

For different DNS record types:

# MX records
dig example.com MX +nocmd +noall +answer

# TXT records
dig google.com TXT +nocmd +noall +answer

# Multiple queries in one line
for domain in google.com example.net; do dig $domain +nocmd +noall +answer; done

When you need to process the output further:

# Extract just IP addresses
dig google.com +nocmd +noall +answer | awk '{print $5}'

# Count number of answers
dig google.com +nocmd +noall +answer | wc -l

Add this to your ~/.bashrc for quick access:

alias digs='dig +nocmd +noall +answer'

Then simply use:

digs google.com