HI Experts,

I am a fresh guy in SPLUNK Searching. Recently, my team leader needed us to create a DNS regex and make the domain name more meaningful. I thought you guys have more experience at this area and know what our leader needs. Please help or paste any useful links here. :- )

6/30/2015 7:16:20 PM 0B4C PACKET  000020C986D845B0 UDP Rcv 10.10.7.5       d300   Q [0001   D   NOERROR] A      (13)mail(8)google(3)com(0)----------mail.google.com
6/30/2015 7:16:20 PM 0B4C PACKET  001000C986D835B0 UDP Rcv 10.10.7.5       d300   Q [0001   D   NOERROR] A      (3)news8)baidu(3)com(0)-----------news.baidu.com

Thanks so much in advance!