Re: Splunk scripted alert not taking the arguments...

ajaybguthi · ‎06-17-2013

Hi
Am trying to configure scripted alerts from Splunk. But Splunk is not taking the arguments that are being passed. seeing the below error in the log files.

Cannot find script at /usr/Splunk/bin/scripts/sendtobmc.sh $5 $0 $1 $2 $3

If i remove the arguments that are being passed ($5 $0 ...) to the script its running the script fine with no issues

Please let me know if am missing anything here.

Thanks
Ajay.

Gilberto_Castil · ‎06-17-2013

When you specify the script to run via SplunkWeb, you do not need to extropolate which variables are to be passed. Instead, the script can act as wrapper to handle ALL variables.

At this point, your script has the ability to use the variables.

# sendtobmc.sh
#! /bin/sh

bmcExec=/usr/bin/bmc/myBMCExec.sh
$bmcExec "$5" "$0" "$1" "$2" "$3"

# end of sendtobmc.sh

In essence the script is a handler or a wrapper to handle the output passed by the alert.

gc

JSapienza · ‎06-17-2013

That's because the variables for the arguments are not defined. Is your scripts expecting the 5 arguments ? Post your script.

Splunk scripted alert not taking the arguments/variables

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation