diff --git a/package/etc/conf.d/conflib/_splunk/fix_dns.conf b/package/etc/conf.d/conflib/_splunk/fix_dns.conf
index 5dd0a94..753da04 100644
--- a/package/etc/conf.d/conflib/_splunk/fix_dns.conf
+++ b/package/etc/conf.d/conflib/_splunk/fix_dns.conf
@@ -22,7 +22,8 @@ class FixHostResolver(object):
 resolved = socket.gethostbyaddr(ipaddr)
 hostname = resolved[0]
-log_message['HOST'] = hostname
+name, ext = hostname.split('.')[-2:]
+log_message['HOST'] = name
 except: pass
diff --git a/tests/test_common.py b/tests/test_common.py
index 625d374..b0b65b1 100644
--- a/tests/test_common.py
+++ b/tests/test_common.py
@@ -144,7 +144,7 @@ def test_fix_dns(record_property, setup_wordlist, setup_splunk, setup_sc4s):
 sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
-st = env.from_string("search _time={{ epoch }} host=dns.google index=osnix \"[{{ pid }}]\" {{ host }} sourcetype=\"nix:syslog\"")
+st = env.from_string("search _time={{ epoch }} host=dns index=osnix \"[{{ pid }}]\" {{ host }} sourcetype=\"nix:syslog\"")
 search = st.render(epoch=epoch, pid=pid, host=host)
 resultCount, eventCount = splunk_single(setup_splunk, search)
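Review bot: `name, ext = hostname.split('.')[-2:]` takes the second-to-last label rather than the host label, and on a single-label reverse name the slice yields one element so the unpack raises ValueError, which the bare `except: pass` in the following context lines swallows and HOST is then left unset where the old code set it; the enclosing method and class begin outside the hunk. For `dns.google` both forms give `dns`, but a constructed three-label name such as `ns1.example.net` would produce `example`, and `ext` is bound but never used. If the intent is the short host name, `log_message['HOST'] = hostname.partition('.')[0]` handles any label count without the unused binding or the new failure path. The value comes from a reverse lookup, so the name is whatever the PTR zone for that address returns; a comment like `# HOST is resolver output, not validated here` above the assignment would make that visible to the next reader.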
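Review bot: The updated expectation `host=dns` cannot tell the intended short-name behavior apart from the `[-2:]` slice in fix_dns.conf, since both produce `dns` for a two-label reverse name, and nothing in the test exercises a single-label or three-or-more-label result where the two differ. The search string also appears to rely on the live reverse lookup of the test address resolving to a name whose first label is `dns` (inferred from the removed `host=dns.google`), which can drift; a comment such as `# assumes the PTR for the test address is dns.google and only its first label is kept as host` would record that assumption. test_fix_dns begins and ends outside the hunk.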