Solved: Reports are showing IP addresses instead of hostna...

Jaci · ‎05-10-2010

We have a report that provides a nightly email alert with inline results for every successful backup event.

Ever since we upgraded to 4.1 from 4.x, the reports are showing the IP address instead of the hostname.

Did something change in 4.1? And how can I fix this?

gkanapathy · ‎05-10-2010

i'm assuming the data is syslog directly to a Splunk UDP port, and it's because by default we don't resolve IP addresses on a UDP port any more. connection_host in inputs.conf will reset it though.

View solution in original post

Lowell · ‎05-14-2010

Are you using an udp input?

Try adding connection_host = dns to your UDP input stanza.

See the following post: Lookups - using them to replace the host field

gkanapathy · ‎05-10-2010

i'm assuming the data is syslog directly to a Splunk UDP port, and it's because by default we don't resolve IP addresses on a UDP port any more. connection_host in inputs.conf will reset it though.

Jaci · ‎05-11-2010

Yes, thank you for the answer!

Reports are showing IP addresses instead of hostnames after upgrading to 4.1

Updated Team Landing Page in Splunk Observability

New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...