If you rename the syslog server (linux), need to change the same host name in the following files:
/opt/splunkforwarder/etc/system/local/input.conf
/opt/splunkforwarder/etc/system/local/server.conf
Once it is done, need to restart the Splunk services.
/etc/init.d/splunk restart
After it is done, it will reflect with in 10 mins. (But still Splunk will show the same old host name as well, but after 24 hours it will remove it automatically.)
Finally worked for me.
Thank you all for your time n efforts !!!
... View more