Version 2 - History - Using Lookups - Network Tools - LukeMurphey.net

Using Lookups » History » Version 2

Luke Murphey, 07/28/2017 05:04 AM

-Luke Murphey
+h1. Lookups
 Luke Murphey
-Luke Murphey
+Network Toolkit includes custom lookups that can be used to get information on hosts within events. The lookups provided are:
 Luke Murphey
-Luke Murphey
+* whois
-Luke Murphey
+* ping
-Luke Murphey
+* traceroute
-Luke Murphey
+* nslookup
 Luke Murphey
-Luke Murphey
+Below are some examples of running these commands (each example the field containing the field you want to lookup is in field +host_to_lookup+):
 Luke Murphey
-Luke Murphey
+Whois:
-Luke Murphey
+<pre>
-Luke Murphey
+... | lookup whois host as host_to_lookup | table _raw host raw updated_date nameservers registrar whois_server query creation_date emails expiration_date status id
-Luke Murphey
+</pre>
 Luke Murphey
-Luke Murphey
+Ping:
-Luke Murphey
+<pre>
-Luke Murphey
+... | lookup ping host as host_to_lookup | table _raw host sent received packet_loss min_ping max_ping avg_ping jitter return_code raw_output
-Luke Murphey
+</pre>
 Luke Murphey
-Luke Murphey
+Traceroute:
-Luke Murphey
+<pre>
-Luke Murphey
+... | lookup traceroute host as host_to_lookup | table _raw host return_code raw_output hops
-Luke Murphey
+</pre>
 Luke Murphey
-Luke Murphey
+NSlookup:
-Luke Murphey
+<pre>
-Luke Murphey
+... | lookup nslookup host as host_to_lookup | table _raw aaaa a mx ns server
-Luke Murphey
+</pre>