<div>
That should do the trick. 
You gave no information whatsoever about the csv format for the mac/ports, so you'll have to adjust lines 8 and 10 accordingly. 
It currently assumes two columns &quot;MacAddress&quot; and &quot;Vendor&quot;, for the MACs, and &quot;Port&quot; and &quot;Protocol&quot; for the ports. 
It converts the key/value strings to a hash table, then you can change the values, then it puts them back together again (skipping those without an empty value). 

<pre><code class="code-10 nolinks" id="code-20-42724482-1">$keep = @(
	'IP Address'
	'Mac Address'
	'Remote Port'
)
$macLookup = @{}
Import-Csv -Path 'C:\Temp\mac.csv' | ForEach-Object {$macLookup[$_.MacAddress] = $_.Vendor}
$portLookup = @{}
Import-Csv -Path 'C:\Temp\ports.csv' | ForEach-Object {$macLookup[$_.Port] = $_.Protocol}

$fields = @{}
(Get-ClipBoard) -split &quot;`r`n&quot; | 
	Where-Object {$_ -match '^(\s*)(?&lt;Key&gt;[^:]+?)\s*:\s*(?&lt;Value&gt;.*?)\s*$'} |
	ForEach-Object {$fields[$Matches['Key']] = $Matches['Value']}

Switch ($keep | Where-Object {$fields.ContainsKey($_)}) {
	'IP Address' {
		$fields[$_] += ' ' + [system.net.dns]::GetHostByAddress($fields[$_]).HostName
	}
	'Mac Address' {
		$fields[$_] += ' ' + $macLookup[$fields[$_]]
	}
	'Remote Port' {
		$fields[$_] += ' ' + $portLookup[$fields[$_]]
	}
}
($keep | Where-Object {$fields[$_]}| ForEach-Object {&quot;$($_): $($fields[$_])&quot;}) -join &quot;`r`n&quot; | Set-ClipBoard
</code></pre>
</div>

IT Professional

Albert Widjaja

<div>
Sorry for the delay I've been away 
Allow me to give some added data. 
CSV's are &quot;val_1 comma+space val_2) 
I didn't even consider TCP/UDP, we will have to assume TCP in the script as it's not a value given in most of the data I'm looking to parse. Or I can remove anything not TCP and leave it at that. Only the first 3 octets of the Mac address are used to look them up, and they will be given in the xx-xx-xx format. 
 
 
========oui.csv (mac address')========== 
00-00-00, Xerox Corporation 
00-00-0C, Cisco Systems Inc. 
00-21-59, Juniper Networks 
04-BD-88, Aruba 
04-C2-41, Nokia 
08-00-1B, Dell EMC 
 
=======tcp-udp.csv======= 
http, 80, SCTP, 0.000000, # www-http | www | World Wide Web HTTP 
http, 80, TCP, 0.484143, # World Wide Web HTTP 
http, 80, UDP, 0.035767, # World Wide Web HTTP 
ntp, 123, TCP, 0.000138, # Network Time Protocol 
ntp, 123, UDP, 0.330879, # Network Time Protocol 
https, 443, SCTP, 0.000000, # http protocol over TLS/SSL 
https, 443, TCP, 0.208669, # secure http (SSL) 
https, 443, UDP, 0.010840 
quake3, 27960, UDP, 0.000726, # Quake 3 Arena Server 
 
===========Test Data============ 
Host : Google DNS 
Alert : Green 
IP Address : 8.8.8.8 
State : Active 
Port : 443 
Prod : True 
Mac Address : 00-21-59-66-AF-00 
Filler : Yup 
Lorum Ipsom : Ubet 
 
I didn't know about this call &quot;[system.net.dns]::GetHostByAddres&quot; very neat! 
Thanks!
</div>

Security Samurai

Rich Rumble

<div>
Perfect! Thanks for working so hard on this, again sorry for the delay in responding. 
-rich
</div>

<div>
<div class="content wysiwyg-content">
I have a script from: <a href="https://www.experts-exchange.com/questions/29123692/PowerShell-script-to-format-data-in-Clipboard.html?anchorAnswerId=42719419#a42719419" rel="ugc">https://www.experts-exchange.com/questions/29123692/PowerShell-script-to-format-data-in-Clipboard.html?anchorAnswerId=42719419#a42719419</a> 
I'd like to take additional actions on certain fields such as IP Address, we'll use aaaa for that 
INPUT 
aaaa:8.8.8.8 
bbbb:80 
cccc:3333 
dddd:FC-FC-48-11-22-33-44 -55 
eeee:443 
fffffff:66666 
 
Not only do I want to eliminate the cccc and fffffff lines like in the previous question, I want to do an NSLookup on the data after the aaaa: 
and if the IP resolves, append the response. If eeee: exists, look up in a csvfile what port 443, HTTPS if not listed in csv, output Unknown. Same for Mac address (dddd: in this case), look up in a CSV what the first 3 octets correspond to (FC-FC-48, Apple/Mac) 
 
I'd like it to be easy to do more actions like that with the data that might exist after the keys. I think I can figure it out with a few examples. 
 
Output would now be: 
eeee:443 HTTPS 
aaaa:1111 google-public-dns-a.google.com 
dddd:FC-FC-48-11-22-33-44 -55 Apple/Mac 
 
Thanks! 
-rich
</div>
</div>

I have a script from: https://www.experts-exchange.com/questions/29123692/PowerShell-script-to-format-data-in-Clipboard.html#a42719419
I'd like to take additional actions on certain fields such as IP Address, we'll use aaaa for that
INPUT
aaaa:8.8.8.8
bbbb:80
cccc:3333
dddd:FC-FC-48-11-22-33-44 -55
eeee:443
fffffff:66666

Not only do I want to eliminate the cccc and fffffff lines like in the previous question, I want to do an NSLookup on the data after the aaaa:
and if the IP resolves, append the response. If eeee: exists, look up in a csvfile what port 443, HTTPS if not listed in csv, output Unknown. Same for Mac address (dddd: in this case), look up in a CSV what the first 3 octets correspond to (FC-FC-48, Apple/Mac)

I'd like it to be easy to do more actions like that with the data that might exist after the keys. I think I can figure it out with a few examples.

Output would now be:
eeee:443 HTTPS
aaaa:1111 google-public-dns-a.google.com
dddd:FC-FC-48-11-22-33-44 -55 Apple/Mac

Thanks!
-rich

Clipboard Curation and additional actions

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

VBScript (Visual Basic Scripting Edition) is an interpreted scripting language developed by Microsoft that is modeled on Visual Basic, but with some important differences. VBScript is commonly used for automating administrative and other tasks in Windows operating systems (by means of the Windows Script Host) and for server-side scripting in ASP web applications. It is also used for client-side scripting in Internet Explorer, specifically in intranet web applications.