TA-connectivity: Why is this add-on not working after installing on Heavy Forwarder?

r34220
Explorer

I just installed TA-connectivity on a Heavy Forwarder. When trying the test commands, I only get the following as output. Is there any fix?

[ apps]$ /opt/splunk/bin/splunk cmd splunkd print-modinput-config ping ping:///opt/splunk/etc/apps/TA-connectivity/lookups/hostfile.txt | /opt/splunk/bin/splunk cmd python /opt/splunk/etc/apps/TA-connectivity/bin/ping.py
</stream>[apps]$
0 Karma
1 Solution

seunomosowon
Communicator

Hi,

I'll rewrite it over the holidays and let you know when it's updated. Actually got a patch for Windows earlier in the year from another user.

0 Karma

r34220
Explorer

Thanks, I am on Linux. Does that patch work with Linux as well?

0 Karma

seunomosowon
Communicator

Hi again, can you tell me what distro you're running this on?

I tried the exact same test command on CentOS 6 with the last public version of the app I have on, and it worked.
I need a little bit more info to get the same result while testing. I'll try running this on Ubuntu.

Please share the Splunk version, Linux distribution and version you're using.

Here's my result:
-bash-4.1$ /opt/splunk/bin/splunk --version
Splunk 6.5.1 (build f74036626f0c)
-bash-4.1$ cat /etc/redhat-release
CentOS release 6.7 (Final)
-bash-4.1$ /opt/splunk/bin/splunk cmd splunkd print-modinput-config ping ping:///opt/splunk/etc/apps/TA-connectivity/lookups/hostfile.txt | /opt/splunk/bin/splunk cmd python /opt/splunk/etc/apps/TA-connectivity/bin/ping.py
01/15/2017 11:11:30 GMT ,action=ping succeeded,status=200,src=splunk,dst_hostname=www.google.com,dst_ip=74.125.206.147,description="icmp_seq=1 ttl=49;icmp_seq=2 ttl=49",average_rtt=105.5,packet_loss=0%01/15/2017 11:11:30 GMT ,action=ping succeeded,status=200,src=splunk,dst_hostname=www.yahoo.com,dst_ip=46.228.47.114,description="icmp_seq=1 ttl=58;icmp_seq=2 ttl=58",average_rtt=106.5,packet_loss=0%01/15/2017 11:11:30 GMT ,action=ping succeeded,status=200,src=splunk,dst_hostname=4.2.2.2,dst_ip=4.2.2.2,description="icmp_seq=1 ttl=60;icmp_seq=2 ttl=60",average_rtt=100.0,packet_loss=0%01/15/2017 11:11:30 GMT ,action=ping succeeded,status=200,src=splunk,dst_hostname=8.8.8.8,dst_ip=8.8.8.8,description="icmp_seq=1 ttl=61;icmp_seq=2 ttl=61",average_rtt=101.0,packet_loss=0%-bash-4.1$
-bash-4.1$

0 Karma

r34220
Explorer

I am not sure where all my responses are going. They seem to be disappearing. Anyway, I just enabled in the inputs.conf and it seems to be working even though the "test" command is not.

Is there a way for me to have the "dst_host" be the "host" value?

0 Karma

seunomosowon
Communicator

Hi,

I'll try testing with that version over the next week. I updated the app once more just now to fix something else on Windows.
Not sure I understand what you want, but I'm guessing you need to add a host extraction to your local/props.conf.
I could add one to the next release, although it kind of helps to know which forwarder ran the scan.

Cheers,

0 Karma
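
The host override discussed in the exchange above, as an added example that is not part of the original posts or of the TA-connectivity app: an index-time transform that copies `dst_hostname` from each ping event into `host`. The stanza name `your_ping_sourcetype` and the transform name `connectivity_dst_as_host` are placeholders (assumptions); both files go in the app's `local/` directory on the Heavy Forwarder, where the events are parsed.

```ini
# local/props.conf
# Placeholder stanza: replace with the sourcetype your ping input actually writes.
[your_ping_sourcetype]
TRANSFORMS-set_host = connectivity_dst_as_host

# local/transforms.conf
# Hypothetical transform name; it must match the name referenced in props.conf.
[connectivity_dst_as_host]
# Events look like: ...,src=splunk,dst_hostname=www.google.com,dst_ip=...
# Capture the value up to the next comma or whitespace.
REGEX = dst_hostname=([^,\s]+)
# Rewrite the host metadata key at index time.
DEST_KEY = MetaData:Host
FORMAT = host::$1
```

With this in place, `host` no longer records which forwarder ran the scan, which is the trade-off raised in the reply above.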

r34220
Explorer

Understood. It does make sense to know which forwarder ran.

Thanks for your help!

0 Karma

r34220
Explorer

[bash ~]$ /opt/splunk/bin/splunk --version
Splunk 6.5.1 (build f74036626f0c)
[bash ~]$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.6 (Santiago)
[bash ~]$ /opt/splunk/bin/splunk cmd splunkd print-modinput-config ping ping:///opt/splunk/etc/apps/TA-connectivity/lookups/hostfile.txt | /opt/splunk/bin/splunk cmd python /opt/splunk/etc/apps/TA-connectivity/bin/ping.py
[bash ~]$

0 Karma

seunomosowon
Communicator

Yes, it will. Currently testing on both Windows and Linux. Thanks for waiting.

0 Karma

r34220
Explorer

Any progress updating the app?

0 Karma