Yes, you can use a scripted lookup, which will do a reverse DNS check on a given URL.
Please check the example here: http://docs.splunk.com/Documentation/Splunk/5.0.4/Knowledge/Addfieldsfromexternaldatasources#Example...
This is for an older version of Splunk, but the script is still shipped, and can be used as described.
Use rex command in search, use sedcmd in props. Did you want to make the ip address an indexed field or search time extraction?
|rex field=urlField "[regex_to_capture_ip]"
|rex field=urlField "(?<IP>(\d+\.\d+\.\d+\.\d+))"
To use DNS in order to resolve a CNAME like yahoo.com to its A or AAAA records, please use the answer posed by DMohn.
If you have an IP address in a URL field, please use my answer.
Yes, you can use a scripted lookup, which will do a reverse DNS check on a given URL.
Please check the example here: http://docs.splunk.com/Documentation/Splunk/5.0.4/Knowledge/Addfieldsfromexternaldatasources#Example...
This is for an older version of Splunk, but the script is still shipped, and can be used as described.