I want a list of IP Address's against their host names.
I am using
host=* | regex host="^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]).){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$"
very important task you are facing, and very vague question you are asking.
can you elaborate please? do you have DNS data and names in Splunk?
do you have the IP addresses in Splunk?
if so, there are plenty of ways to do it.
one idea is to start by creating a lookup: search that gives you all DNS | dedup DNS | table DNS | outputlookup my_dns.csv
now that you have a lookup with all DNS you can compare IPs against it
many more answers in this portal, here are couple: https://answers.splunk.com/answers/293874/how-to-compare-the-ip-addresses-in-dns-lookup-dnsc.html https://answers.splunk.com/answers/105246/dns-resolution-in-a-search.html
feel free to upvote those great answers
hope it helps
