diff --git a/tools/config/splunk-zeek.yml b/tools/config/splunk-zeek.yml
index c7c4920bf..ad24f9f3a 100644
--- a/tools/config/splunk-zeek.yml
+++ b/tools/config/splunk-zeek.yml
@@ -404,7 +404,7 @@ fieldmappings:
 - query
 - server_name
 service.response_code: status_code
- source: id.orig_h
+# source: id.orig_h
 SourceAddr: id.orig_h
 SourceAddress: id.orig_h
 SourceIP: id.orig_h
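Review bot: The `source` mapping is commented out with no explanation, so a later reader cannot tell whether it was disabled on purpose or left over from debugging. If the reason is that `source` is also Splunk's built-in event metadata field (presumably, since rules that select logs by `source` would otherwise be rewritten to `id.orig_h`), state that in a comment above the line, e.g. `# 'source' left unmapped: collides with Splunk's default source field`, or delete the line outright. Rules that use `source` as a source-address field will now reach the query untranslated, so detection coverage for those rules should be checked after this change; `SourceAddr`, `SourceAddress` and `SourceIP` remain mapped. The `fieldmappings` block starts and ends outside this hunk.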