I have a traffic log similar to this

"page visited" for xxx.xxx.xxx.xxx at 2013-10-30

and I would like to replace the ip address with the result of it's whois lookup.

I can export the ip addresses to a separate file and then do a whois on each line, but im struggling to combine them all together.

Ideally i'd like to replace the ip address in the same string and print the new string to a new file.

So it would look like

"page visited" for example.com at 2013-10-30

Can anyone help

Here's what I have so far

grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' clean_cites.txt > iplist.txt
for i in `cat iplist.txt`
do
OUTPUT=$(geoiplookup -f /usr/share/GeoIP/GeoIPOrg.dat $i)
echo $i,$OUTPUT >> visited.txt
done

Like I said,this produces a separate file with a list of ip addresses and their relevant hostnames, so I either need to search for the ip address in file and and replace it with the text in file b (which will give the ip address and hostname) or replace the ip address in place.

Thanks