I tried to set up an alert Script in Pearl sending SNMP traps to other host like here. I Changed the Host:Port to my values, but when i try to run this script i got this error:
No log handling enabled - turning on stderr logging
22.214.171.124.4.1.27389.1.1: Value out of range (126.96.36.199.4.1.27389.1.2)
Im not very good in Perl, so how can I fix this problem?
Hi, depending on the distribution used some packages must be installed to make use of snmptrap:
Which distribution you using?
Thanks for the assistance, it turns out that it was a net-snmp dependency issue on two of our three search heads. I am still seeing the error above when I manually execute the script, but when the script is fired as part of a Splunk alarm, it works properly.
Thanks for your help!
I am having the exact same problem as the poster above, using the Splunk-provided SNMP perl script (pasted below).
#!/usr/bin/perl # # sendsnmptrap.pl: A script to enable using Splunk alerts to send an SNMP trap. # # Modify the following code as necessary for your local environment. # $hostPortSNMP = "qa-tm1:162"; # Host:Port of snmpd or other SNMP trap handler $snmpTrapCmd = "/usr/bin/snmptrap"; # Path to snmptrap, from http://www.net-snmp.org $TRAPOID = "188.8.131.52.4.1.27389.1.2"; # Object IDentifier for traps/notifications $OID = "184.108.40.206.4.1.27389.1.1"; # Object IDentifier for objects, Splunk Enterprise OID is 27389 # Parameters passed in from the alert. # $1-$9 is the positional parameter list. $ARGV starts at $1 in Perl. $searchCount = $ARGV; # $1 - Number of events returned $searchTerms = $ARGV; # $2 - Search terms $searchQuery = $ARGV; # $3 - Fully qualified query string $searchName = $ARGV; # $4 - Name of saved search $searchReason = $ARGV; # $5 - Reason saved search triggered $searchURL = $ARGV; # $6 - URL/Permalink of saved search $searchTags = $ARGV; # $7 - Always empty as of 4.1 $searchPath = $ARGV; # $8 - Path to raw saved results in Splunk instance (advanced) # Send trap, with the parameter list above mapping down into the OID. $cmd = qq/$snmpTrapCmd -v 2c -c public $hostPortSNMP '' $TRAPOID $OID.1 i $searchCount $OID.2 s "$searchTerms" $OID.3 s "$searchQuery" $OID.4 s "$searchName" $OID.5 s "$searchReason" $OID.6 s "$searchURL" $OID.7 s "$searchTags" $OID.8 s "$searchPath"/; system($cmd);
If you could provide any assistance I would greatly appreciate it.