Re: How run nslookup on lookup

NHLaurent · ‎11-26-2018

I have a lookup of ip addresses, I want to use the nslookup command resolve the hostnames. Is there a way to run that against the dest field

| inputlookup "ipnl.csv"
| fields dest
| nslookup ????
| outputlookup "dns.csv"

Thanks

woodcock · ‎11-26-2018

Ever since about splunk v5 it is built-in; just use it like this:

| inputlookup ipnl.csv
| fields dest 
| lookup dnslookup clientip AS dest OUTPUT clienthost AS desthost
| outputlookup dns.csv

LukeMurphey · ‎11-26-2018

You need to use the custom lookup command instead.

You would need to do something like this:

| inputlookup "ipnl.csv" 
| fields dest 
| lookup nslookup host as dest
| table _raw aaaa a mx ns server

sharmaa5 · ‎07-01-2021

I'm trying to configure DNS resolution for the but I'm a bit confused that how to use lookup defination dsnlookup and nslookup.

I'm not getting any values in aaaa, mx, ns and _raw while trying nslookup

Can you help me out how can I configure this or what I'm doing wrong.

How run nslookup on lookup