Reverse DNS lookups are turned off inside Apache, now I want to see where IPs are from in the logs. How can I easily convert the IPs of my older Apache logs into hostnames?
You can perform a reverse DNS lookup with a dig command:
dig +short -x <IP-ADDRESS>
You will get back a hostname of the system with the specified IP address, however what this hostname is going to be depends on how PTR record(s) is setup for the domain. So in other words, you shouldn't expect to get back any particular hostname.
As for Apache logs, as HBruijn already mentioned, you can use logresolve or you can write you own script to scan the log file, extract the IP address, do a reverse lookup and output all the information into the required format. Which solution you choose, depends on what you are trying to achieve. logresolve expects IP address to be the first thing on each line and to be separated from the remainder of the line by a space, which may or may not be the case in your log files.
Apache comes by default with logresolve; a separate post-processing program to resolve IP-addresses in Apache's access logfiles.
Generally using post-processing is significantly more efficient than letting Apache do reverse DNS lookups for each request.
You can perform a reverse DNS lookup with a
digcommand:You will get back a hostname of the system with the specified IP address, however what this hostname is going to be depends on how PTR record(s) is setup for the domain. So in other words, you shouldn't expect to get back any particular hostname.
As for Apache logs, as HBruijn already mentioned, you can use
logresolveor you can write you own script to scan the log file, extract the IP address, do a reverse lookup and output all the information into the required format. Which solution you choose, depends on what you are trying to achieve.logresolveexpects IP address to be the first thing on each line and to be separated from the remainder of the line by a space, which may or may not be the case in your log files.