what is the command to find out one of the host name of Ip adress.
Splunk has a built in 'external lookup' called dnslookup that you can use (assuming the address you want to lookup is in a field called ipAddress): | lookup dnslookup clientip as ipAddress
| lookup dnslookup clientip as ipAddress
See also: https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/DefineanexternallookupinSplunkWeb#Exte...
| dnslookup reverse ip host
No need to install a 6y old app for that. This functionality is built in nowadays 🙂
Thanks. This also works.