Skip to content

Domain monitoring

SSL, DNS, WHOIS, DMARC. Inside OpsMerge, not in a second vendor.

We got tired of paying a fourth vendor for the cert-expiry alert that nobody read. Domain monitoring is built into OpsMerge — server-side checks, scheduled jobs, dashboards alongside your tickets.

  • Four check types

    SSL, DNS, WHOIS, DMARC/SPF. Per-domain configuration, operator-tunable cadence.

  • Server-side

    Server-scheduled jobs. No agent involvement, no client-side cron, no missed checks because a workstation went to sleep.

  • Alerts that work

    In-app, email, ticket auto-creation on threshold breach. Webhook out post-GA.

SSL, DNS and DMARC posture across managed client domains.

What we check

The full lookup matrix.

  • SSL — certificate validity, days-to-expiry, chain trust, SAN coverage
  • DNS — A, AAAA, MX, NS, TXT records with change detection on NS and MX
  • WHOIS — registrar, expiry date, registrar-lock monitoring, nameservers (RDAP-first)
  • DMARC / SPF — record presence and DMARC policy

How it runs

Scheduled jobs, server-side.

  • No agent involvement, no client-side cron, no missed checks because a workstation went to sleep.
  • Failures surface in the operations dashboard with severity, last-good timestamp, and a click-through to the historical trend.

Alerting

Built into the same channels you already use.

  • In-app alerts and dashboard tiles
  • Email notifications via the gateway
  • Ticket auto-creation on configurable thresholds (e.g., SSL <14 days)
  • Webhook out (post-GA) for escalation to Teams / Slack / PagerDuty

Common questions

  • How often do checks run?
    Default cadence varies by check type — SSL daily, DNS every six hours, WHOIS and DMARC/SPF daily. Operator-tunable.
  • Do you check domains we do not host?
    Yes. Any domain you can resolve via public DNS / WHOIS / SSL lookups. We do not need control of the domain to check it.
  • What about wildcard certs and SAN coverage?
    SSL check validates the cert presented for the queried hostname, including SAN coverage. Wildcard certs are covered.
  • What DMARC and SPF checks do you run?
    Record presence, syntax validity, the DMARC policy (none / quarantine / reject) and SPF alignment, with change alerting — in the same scheduled job as SSL, DNS and WHOIS.
  • Can I bulk-import domains?
    Yes. CSV import of domains per organisation.

Stop paying for cert-expiry alerts twice

OpsMerge is a product of Brindleford Technologies Ltd, company number 16871436, registered in England and Wales.