In Splunk, 'host' is indeed a metadata field assigned to every event. It identifies the source of the event, such as a server, a device, or any source that generates log data. This makes it easier to organize and search through events based on their origin. Other options like 'owner', 'bytes', and 'action' are not standard metadata fields in Splunk.