Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can I specify a name server for DNS

echalex
Builder
‎10-18-2012 07:28 AM

Hi,

We are having some DNS issues in our infrastructure. Apparently the name servers our splunk hosts are using are not able to resolve some PTR queries, because of our network topology. Unfortunately, simply editing /etc/resolv.conf would also break stuff. So I need to use a different name server than the system is using by default. Is this possible?

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎10-18-2012 09:00 AM

not sure, Splunk will use a system call for the resolution, so your default DNS will be used.

View solution in original post

Reply
Solved! Jump to solution

pryzrak
Path Finder
‎11-15-2013 02:55 PM

Not sure if this post is still being reviewed. However I now have a working python script that resolves from IP to HOST and HOST to IP using an external nameserver like the open Google DNS. Look at my above post to see the answer.

0 Karma
Reply
Solved! Jump to solution

pryzrak
Path Finder
‎11-11-2013 11:15 AM

I know it is possible if the dnspython module is installed. I tried it with a successful standalone script. However I'm trying to edit a renamed external_lookup.py script as something like "opendns_lookup.py". Then I edited the transforms.conf to make a new command called "opendnslookup". However I can't get "opendns_lookup.py" to work right. Look at my splunk post below on this matter and let me know what yall think:

Editing dnslookup for specific dns server

0 Karma
Reply
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎10-18-2012 09:00 AM

not sure, Splunk will use a system call for the resolution, so your default DNS will be used.

Reply
Solved! Jump to solution

echalex
Builder
‎10-19-2012 03:15 AM

Thanks, yannK.

That is what I suspected. Even the reverse dns lookup script will use the default configuration. Of course, I can do my own reverse lookup script in eg. perl.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Unlock What’s Next: The Splunk Cloud Platform at .conf25

In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...