diff --git a/CHANGELOG.md b/CHANGELOG.md
index d5b7c457..30cbcb4a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Change Log
+## unreleased
+
+- [agent] Add hostname of machine the alert was read from. This
+ includes the server when instructed to input events. The hostname of
+ the machine generating the alert is added to "evebox" field.
+
 ## 0.17.2 - 2023-05-27
 - [elastic] Fixing negation queries using '-':
diff --git a/Cargo.lock b/Cargo.lock
index 1cceb519..4ad44bf7 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -507,6 +507,7 @@ dependencies = [
 "directories",
 "filetime",
 "futures",
+ "gethostname",
 "glob",
 "humantime",
 "hyper",
@@ -682,6 +683,16 @@ dependencies = [
 "version_check",
 ]
+[[package]]
+name = "gethostname"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0176e0459c2e4a1fe232f984bca6890e681076abb9934f6cea7c326f3fc47818"
+dependencies = [
+ "libc",
+ "windows-targets 0.48.0",
+]
+
 [[package]]
 name = "getrandom"
 version = "0.2.8"
@@ -999,9 +1010,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
 [[package]]
 name = "libc"
-version = "0.2.140"
+version = "0.2.147"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "99227334921fae1a979cf0bfdfcc6b3e5ce376ef57e16fb6fb3ea2ed6095f80c"
+checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3"
 [[package]]
 name = "libflate"
diff --git a/Cargo.toml b/Cargo.toml
index 981dd921..bf3e3905 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -66,6 +66,7 @@
 libc = { version = "0.2.140", default_features = false }
 rcgen = { git = "https://github.com/jasonish/rcgen", branch = "0.11.0-disable-botan" }
 directories = "5.0.1"
+gethostname = "0.4.3"
 [patch.crates-io]
 # Patch Rusqlite for now. 0.28.0 uses SQLite 3.39, but 3.40 is much
diff --git a/src/eve/filters.rs b/src/eve/filters.rs
index d0fccd55..7ba077ee 100644
--- a/src/eve/filters.rs
+++ b/src/eve/filters.rs
@@ -67,6 +67,11 @@ impl EveBoxMetadataFilter {
 }
 }
+ // Add the hostname.
+ if let Ok(hostname) = gethostname::gethostname().into_string() {
+ event["evebox"]["hostname"] = hostname.into();
+ }
+
 // Add a tags object.
 if event.get("tags").is_none() {
 event["tags"] = serde_json::Value::Array(vec![]);
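Review bot: `gethostname::gethostname()` is now invoked for every event that passes through this filter, which puts a libc call plus an `OsString` allocation and UTF-8 check on the per-event hot path; the hostname should be resolved once and reused, either stored on `EveBoxMetadataFilter` when it is constructed (outside this hunk) or in a `std::sync::OnceLock` if the project's toolchain allows it. A non-UTF-8 hostname also silently leaves `evebox.hostname` absent because the `Err` from `into_string()` is discarded; if downstream consumers expect the field to always be present, `to_string_lossy().into_owned()` would keep it populated — worth confirming against how the field is queried. The `event["evebox"]["hostname"]` assignment follows the existing `event["tags"]` indexing style, so it presumably relies on `event["evebox"]` already being an object by this point, which is established outside the hunk. The enclosing method starts and ends outside the hunk.

```rust
        // Add the hostname. Resolved once rather than per event: gethostname()
        // is a libc call and this filter runs on every event.
        static HOSTNAME: std::sync::OnceLock<Option<String>> = std::sync::OnceLock::new();
        let hostname = HOSTNAME.get_or_init(|| gethostname::gethostname().into_string().ok());
        if let Some(hostname) = hostname {
            event["evebox"]["hostname"] = hostname.as_str().into();
        }
        // … unchanged: tags object …
```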