Deployment Architecture

Indexed IPv6 address from application

bogdan_nicolesc
Communicator

Hi all,

I have an issue with data collected.

I set up Splunk to index "Splunk network monitoring" and I get data in from Google chrome as this:

AddressFamily=ipv6
AddressFamilyId=23
PacketType=connect
PacketTypeId=0
Direction=outbound
Protocol=TCP
ProtocolId=6
LocalAddress=::1
LocalPort=65343
RemoteHostName=50f9:1fe9:ad00:0:3800::
RemoteAddress=::1
RemotePort=9229
ProcessName="c:\program files (x86)\google\chrome\application\chrome.exe"
UserName="ffff.ffff"
UserSid=s-1-5-21.dddd.dddd.dddd.dddd
UserId=0-dddd
HeaderSizeBytes=0
IPsecProtected=0
TransportHeaderSizeBytes=0

I wonder, how do I find what or who or why is RemoteHostName= and who/what/why 50f9:1fe9:ad00:0:3800::

I tried to google, to ping, or other type of means to search that IP to no avail.

Thank you,

Bogdan

Tags (1)
0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...