Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

DNS Names in Events

FraserC1
Path Finder
‎03-13-2018 06:39 AM

Hi there,

We are migrating from Kiwi syslog and one of the things Kiwi can do is show hostnames instead of IP addresses in the events.

So what I want is when I search for a host or search against an ACL rule, is that it (if it can resolve the hostname) will show the hostname instead of the IP address.
I'm wondering if anyone has managed to get this working at all?

Cheers.

0 Karma
Reply

deepashri_123
Motivator
‎03-14-2018 12:55 AM

Do you have a list of ip addresses and their hostnames?
If yes then you can add this list as lookup and automate the lookup to get the hostnames at search time
Reference:
http://docs.splunk.com/Documentation/Splunk/7.0.2/Knowledge/DefineanautomaticlookupinSplunkWeb

Let me know if this helps!!

0 Karma
Reply

FraserC1
Path Finder
‎03-14-2018 01:50 AM

Hi, thanks for your response!
This looks interesting I will give it a shot.
So there is no way for it query the DNS server instead of using a csv file?

0 Karma
Reply

Sukisen1981
Champion
‎03-13-2018 08:46 AM

any sample data of what you want AND how your logs look like?

0 Karma
Reply

FraserC1
Path Finder
‎03-13-2018 08:56 AM

Below is what I currently see (edited out ip addresses).

Link: alt text

What I would like to see is hostnames instead of IP addresses.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...