Why is Docker Splunk UF sending logs with 2 different hostnames?

Docker-compose splunkuf: image: splunk/universalforwarder:7.0.2 network_mode: host environment: SPLUNK_START_ARGS: --accept-license --answer-yes SPLUNK_USER: root SPLUNK_CMD: install app /tmp/splunkclouduf.spl -auth admin:changeme SPLUNK_DEPLOYMENT_SERVER: XXXX.cloud.splunk.com:8089 SPLUNK_ADD_1: monitor /docker/log SPLUNK_ADD_2: monitor /mnt/logs/postgres volumes: - /opt/splunk/etc - /opt/splunk/var - /var/log:/docker/log - $DATA_DIR/logs/postgres:/mnt/logs/postgres - $DATA_DIR/certs/splunkclouduf.spl:/tmp/splunkclouduf.spl The container is running in Ubuntu instance. In Splunk cloud I can see 2 hostnames for the same instance: 1. ubuntu 2. The real hostname Any reason why it happens?