converting ip numbers to domain names in log files
Joseph S D Yao
jsdy at cospo.osis.gov
Mon Dec 27 20:55:30 UTC 1999
On Fri, Dec 24, 1999 at 10:15:19PM +0000, J.D. Carlson wrote:
> I'd like to know if there is a program I can filter a log file through
> that will resolve the ip numbers into the respective names. Running
> bind 8.2.2-P5 on OpenBSD 2.6, with no problems. When I turn on query
> logging on I would like to go back and see where some of the domains
> are. I'm well acquainted with 'host', 'dig', and 'nslookup'. I'd like
> to be able to 'grep <some expression> logfile | <addr2name prog> and see
> the results with IP numbers replaced by names.
>
> Thanks for any suggestions.
>
> J.D. Carlson
You can pass the bare IP addresses to 'nslookup', and it will return you
the names. For instance, if I give
204.152.184.101
204.152.184.27
as input to 'nslookup', I get [something like]:
Default Server: localhost.cospo.osis.gov
Address: 127.0.0.1
> Server: localhost.cospo.osis.gov
Address: 127.0.0.1
Name: www.isc.org
Address: 204.152.184.101
> Server: localhost.cospo.osis.gov
Address: 127.0.0.1
Name: isrv4.pa.vix.com
Address: 204.152.184.27
>
Transforming the log files into lists of IP addresses is logfile-format-
dependent, and is left as an exercise for the reader. ;-)
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list