Problem with sending SNMP traps to other systems

New Member

I tried to set up an alert Script in Pearl sending SNMP traps to other host like here. I Changed the Host:Port to my values, but when i try to run this script i got this error:

No log handling enabled - turning on stderr logging Value out of range (

Im not very good in Perl, so how can I fix this problem?

0 Karma


Hi, depending on the distribution used some packages must be installed to make use of snmptrap:


Which distribution you using?

Path Finder

Rodrigo -

Thanks for the assistance, it turns out that it was a net-snmp dependency issue on two of our three search heads. I am still seeing the error above when I manually execute the script, but when the script is fired as part of a Splunk alarm, it works properly.

Thanks for your help!

0 Karma


Can you post the code in PERL?

Rodrigo Ribeiro

Path Finder

Rodrigo -

I am having the exact same problem as the poster above, using the Splunk-provided SNMP perl script (pasted below).

# A script to enable using Splunk alerts to send an SNMP trap.
# Modify the following code as necessary for your local environment.
$hostPortSNMP = "qa-tm1:162"; # Host:Port of snmpd or other SNMP trap handler
$snmpTrapCmd = "/usr/bin/snmptrap"; # Path to snmptrap, from
$TRAPOID = ""; # Object IDentifier for traps/notifications 
$OID = ""; # Object IDentifier for objects, Splunk Enterprise OID is 27389
# Parameters passed in from the alert.
# $1-$9 is the positional parameter list. $ARGV[0] starts at $1 in Perl.
$searchCount = $ARGV[0]; # $1 - Number of events returned
$searchTerms = $ARGV[1]; # $2 - Search terms
$searchQuery = $ARGV[2]; # $3 - Fully qualified query string
$searchName = $ARGV[3]; # $4 - Name of saved search
$searchReason = $ARGV[4]; # $5 - Reason saved search triggered
$searchURL = $ARGV[5]; # $6 - URL/Permalink of saved search
$searchTags = $ARGV[6]; # $7 - Always empty as of 4.1
$searchPath = $ARGV[7]; # $8 - Path to raw saved results in Splunk instance (advanced)

# Send trap, with the parameter list above mapping down into the OID.
$cmd = qq/$snmpTrapCmd -v 2c -c public $hostPortSNMP '' $TRAPOID $OID.1 i $searchCount $OID.2 s "$searchTerms" $OID.3 s "$searchQuery" $OID.4 s "$searchName" $OID.5 s "$searchReason" $OID.6 s "$searchURL" $OID.7 s "$searchTags" $OID.8 s "$searchPath"/;

If you could provide any assistance I would greatly appreciate it.


0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!