I’ve created a lightweight Bash script called nginx-logresolver that enhances NGINX access logs by resolving IP addresses to hostnames in real time. This makes logs far more readable and useful for debugging, monitoring abuse, or identifying traffic patterns. It uses a simple caching system to minimize repeated DNS lookups and offers optional colorized output via grc for even better visibility. It works without touching your NGINX config and can be dropped into any system with basic tools like bash, getent, and tail. Check it out here: GitHub - spithash/nginx-logresolver: Real-time Nginx log enhancer that resolves IPs to hostnames and optionally colorizes output using grc. — feedback and contributions are welcome!
2 Likes
This is rad! Thanks for sharing @spithash - always appreciate what people are creating that improves their use of NGINX, especially when it’s available to others.
I’m curious what motivated you to create it. Did you run into a situation where you needed it, or was it an idea that built up for you over time?
Cheers! 
1 Like
Thank you for your kind words!
Well the reason I needed ip resolving is to detect bot patterns and/or block unwanted traffic coming from known domains. Or even whitelist some.
I just write the output of the script to a file and filter it with Fail2ban.
That way nginx can do it’s own thing independently without sacrificing its performance whatsoever.
Also, DNS caching via dnsmasq helps things significantly. (or any other dns caching daemon)
1 Like