Hi,
I have a built in integration application (for example: Office 365) which has an IP address field in the logs which i would like to reverse using a DNS lookup and i tried to achieve that using the DNS processor under the application's integration settings page in Kibana without success. this is what i configured in the processor section
- dns:
type: reverse
fields:
ipAddress: client.hostname
ipAddress is the source field name which appear in the original log (not the one which appear in the indexed log field) and if i understand correctly what comes after ":" is the target field, does that mean that the DNS processor will try to resolve the source field and present the result in the target field? what if the target field doesn't exist?
Thanks in advance for the help! hopefully i was clear with what i want.