Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why do I see the same host twice?

dmitchell92
New Member
‎07-16-2018 09:18 AM

Hello Splunkers,

When I search to see that host are in the appropriate index "index=indexname | stats count by host" I will see the same host listed twice. Once with the hostname of the forwarder and another with the FQDN of the forwarder. I believe that that culprit of this issue is because when engineers install forwards on host, they run "./splunk set forward-server ip_address:9997" then me as the splunk admin will add the sendtoindexer deployment app to the server class. Am I on the right track here or way off basis?

Thanks Splunkers!

0 Karma
Reply

pradeepkumarg
Influencer
‎07-16-2018 10:10 AM

Check if this helps

https://answers.splunk.com/answers/642834/why-are-there-multiple-host-entries-for-every-splu.html#an...

0 Karma
Reply

dmitchell92
New Member
‎07-16-2018 10:33 AM

This helps makes better sense of the culprit. What is best practice so I can eliminate the multiple host reporting? Across our infrastructure we have a unique naming convention so I would prefer everything to not have the FQDN in the host field.

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...