How can I turn one log event into multiple messages?
I am parsing DNS logs (Windows debug logs) where there may be multiple answers to one query (cname plus IP, or multiple cnames, or multiple IPs), but I want to normalize the output so that each output line contains one and only one answer (with the rest of the output being the same).
so if I start with
source 1.1.1.1 query type A query foo.com answer cname bar.com answer A 2.2.2.2
how can I get my output to be:
source 1.1.1.1 query type A query foo.com answer cname bar.com
source 1.1.1.1 query type A query foo.com answer A 2.2.2.2
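
The fan-out asked about above, sketched in Python as an added example that is not part of the original post and is not tied to any particular log shipper. It assumes the simplified `answer <type> <value>` layout shown in the question rather than the raw Windows DNS debug log format; the function name `fan_out` and the sample lines are constructed for illustration.

```python
def fan_out(event: str) -> list[str]:
    """Split one flattened DNS event into one line per answer.

    Everything before the first "answer" token is treated as the shared
    part of the record and is repeated on every output line.
    """
    tokens = event.split()
    starts = [i for i, tok in enumerate(tokens) if tok == "answer"]
    if not starts:
        # No answer section (for example a failed lookup): pass the event
        # through unchanged so it is not silently dropped from the output.
        return [" ".join(tokens)] if tokens else []
    prefix = tokens[:starts[0]]
    ends = starts[1:] + [len(tokens)]
    # Each answer runs up to the next "answer" token, so records whose data
    # has more than one field (such as MX with a preference) stay intact.
    return [" ".join(prefix + tokens[s:e]) for s, e in zip(starts, ends)]


# Constructed sample events in the simplified layout from the question.
SAMPLE_EVENTS = [
    "source 1.1.1.1 query type A query foo.com answer cname bar.com answer A 2.2.2.2",
    "source 1.1.1.1 query type A query multi.example answer A 2.2.2.2 answer A 3.3.3.3",
    "source 1.1.1.1 query type A query missing.example",
]

if __name__ == "__main__":
    for raw in SAMPLE_EVENTS:
        for line in fan_out(raw):
            print(line)
```
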