15 Nov 2023 04:28 PM
I appreciate a simple DQL to search for a host name given an IP. How simple could it be?
Solved! Go to Solution.
15 Nov 2023 06:59 PM - edited 15 Nov 2023 07:03 PM
Hi @MarwanC,
I hope I understand your request well. To be honest I am not a DQL guru I have just started to learn.
I would create a dashboard with this DQL (you can add other extra fields if you want).
fetch dt.entity.host
| fieldsAdd ipAddress, entity.detected_name
| filter in (ipAddress, array($IP) )
In order to work well I created a variable = IP
Variable DQL:
fetch dt.entity.host
| fieldsAdd ipAddress
| fieldsRemove entity.name, id
This is the results, you can search hosts by IP address:
I hope it helps.
Best regards,
Mizső
16 Nov 2023 12:22 PM
A very comprehensive answer 😊