Deployment Architecture

Indexed IPv6 address from application

bogdan_nicolesc
Communicator

Hi all,

I have an issue with data collected.

I set up Splunk to index "Splunk network monitoring" and I get data in from Google chrome as this:

AddressFamily=ipv6
AddressFamilyId=23
PacketType=connect
PacketTypeId=0
Direction=outbound
Protocol=TCP
ProtocolId=6
LocalAddress=::1
LocalPort=65343
RemoteHostName=50f9:1fe9:ad00:0:3800::
RemoteAddress=::1
RemotePort=9229
ProcessName="c:\program files (x86)\google\chrome\application\chrome.exe"
UserName="ffff.ffff"
UserSid=s-1-5-21.dddd.dddd.dddd.dddd
UserId=0-dddd
HeaderSizeBytes=0
IPsecProtected=0
TransportHeaderSizeBytes=0

I wonder, how do I find what or who or why is RemoteHostName= and who/what/why 50f9:1fe9:ad00:0:3800::

I tried to google, to ping, or other type of means to search that IP to no avail.

Thank you,

Bogdan

Tags (1)
0 Karma
Get Updates on the Splunk Community!

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

Cisco Use Cases, ITSI Best Practices, and More New Articles from Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...