UF to send both Hostname and IP Address as metadat...

Splunk Dev

We can have either IP address or hostname for host field, both is not supported yet. Below highlighted config in inputs.conf will force to set host as IP address:

host = localhost

connection_host = ip

we tried to explore _meta field coming from UF. If we can make that dynamic to support variable, then we can have both IP and hostname.

This would be similar to $decideOnStartup functionality for host field, but more flexible.

Has anyone able to send both IP and Hostname dynamically for indexing through UF?

For example:

$hostname$ will yield hostname.. as used with inputs.conf, it would be

[default]

_meta = splunk_forwarder::$hostname$

Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card! Hello there, Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...