Hi,
We have a fairly new install of Splunk 5.0.4, and i've now opened UDP:514 and the syslog is flowing in. The problem tho is that Splunk lists the hosts with theyr source IP adress instead of the real hostname.
The IPs are all resolveable in rDNS on the splunk server. I cant really find anything reasonable for this case in the manager section either.
What can cause this?
... View more