Resolve IP addresses found within the syslog message text


This feature is only available in the licensed version.

When you are logging data from web servers, firewalls and similar devices, the message text may contain IP addresses. To turn these IP addresses into meaningful names and website addresses, enable this option. The program will search through the message text and look for any IP address entries. You can also specify how the resolved name will be displayed: you may replace the IP address with the name, or add the name after the IP address in the message text.

* NetBIOS names can require more time to resolve than normal DNS entries. If you want to resolve NetBIOS names, increase the DNS timeout to 20 or 30 seconds.


Examples:

Test user connected to website http://192.168.1.2/index.html. src=192.168.5.100 rxbytes=64

With the replace IP address with host name option, the message becomes...

Test user connected to website http://website.company.com/index.html. src=userpc.company.com rxbytes=64

With the place host name next to IP address option, the message becomes...

Test user connected to website http://192.168.1.2 (website.company.com) /index.html. src=192.168.5.100 (userpc.company.com) rxbytes=64


The "Remove the domain name" option strips the domain name portion from the resolved host name.

To selectively keep or remove the domain name based on a filter match, check the "If domain name contains" check box.

Place the domain name substrings to remove in quotes. To filter multiple domains, separate each quoted string with a space or comma.

".companyabc.com", ".companyxyz.co.uk"

An IP address resolved to mypc.company.co.uk will be changed to just "mypc".


Hostname tagging:
When you have selected the place host name next to IP address option, the hostname is normally tagged with brackets and a space character. The resolved host name can be tagged with any characters you like. For example, you might like to prefix the host name with "hostname=[" and then have a "] " suffix. You can change the prefix and suffix characters to fit the format of your messages.

A suggested tagging format for WELF format messages would be a prefix of resolved_host= and a suffix of a space character.
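
The options described above (replace, place next to, remove domain name with a filter, and prefix/suffix tagging) can be reproduced with the following added example, which is not the program's own code. The function and parameter names are hypothetical, the lookup table is constructed and stands in for the DNS/NetBIOS query, and the handling of the trailing space is an assumption chosen to match the sample output on this page.

```python
import re

# IPv4 matcher with octet range checks; rejects 999.1.1.1 and version-like 1.2.3.4.5.
_OCTET = r"(?:25[0-5]|2[0-4]\d|1?\d?\d)"
IPV4_RE = re.compile(rf"(?<!\d)(?<!\d\.)(?:{_OCTET}\.){{3}}{_OCTET}(?!\d|\.\d)")

# Constructed lookup table standing in for the DNS/NetBIOS query.
SAMPLE_NAMES = {
    "192.168.1.2": "website.company.com",
    "192.168.5.100": "userpc.company.com",
}
SAMPLE_MSG = ("Test user connected to website http://192.168.1.2/index.html. "
              "src=192.168.5.100 rxbytes=64")


def strip_domain(host, only_if_contains=None):
    """Keep only the first label; with a filter list, only when a substring matches."""
    if only_if_contains is not None:
        if not any(s.lower() in host.lower() for s in only_if_contains):
            return host
    return host.split(".", 1)[0]


def resolve_in_message(msg, resolve, mode="append", prefix="(", suffix=") ",
                       remove_domain=False, only_if_contains=None):
    """Rewrite every IPv4 address in msg; resolve(ip) returns a name or None."""
    def rewrite(match):
        ip = match.group(0)
        host = resolve(ip)
        if not host:
            return ip  # unresolved addresses are left exactly as logged
        if remove_domain:
            host = strip_domain(host, only_if_contains)
        if mode == "replace":
            return host
        # Assumption: drop the suffix's trailing space when the message already
        # has whitespace there, which reproduces the page's sample output.
        tail = suffix.rstrip() if msg[match.end():match.end() + 1].isspace() else suffix
        return f"{ip} {prefix}{host}{tail}"
    return IPV4_RE.sub(rewrite, msg)


if __name__ == "__main__":
    print(resolve_in_message(SAMPLE_MSG, SAMPLE_NAMES.get, mode="replace"))
    print(resolve_in_message(SAMPLE_MSG, SAMPLE_NAMES.get))
    print(resolve_in_message(SAMPLE_MSG, SAMPLE_NAMES.get,
                             prefix="resolved_host=", suffix=" "))
```

Replace mode discards the logged address and keeps only the name the lookup returned at processing time, so the place-next-to mode is the one to use when the original IP address must remain in the stored message.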