Is it possible to have ip addresses in a search resolved to a host name and displayed in the results rather then the ip address. My search is:
source="udp:514" "dst=192.168." | stats count by dst | sort -count limit=10
This gives me the top ten hit ip addresses. I would like to see the host name rather than (or as well as) the ip address. Can this be done as part of the search string?