Why does the output for triggered alert scripts in Splunk contain ^ (hats/caret) characters?

New Member

I am calling a script on a triggered alert to send an snmp trap, but it was coming across like this.

"index^=common^ sourcetype^=processor^ source^=*Online*^ ^(REQ^ OR^ RSP^)^ earliest^=-5m@m^ latest^=now^ ^

I thought it was something snmp was doing but i redirected the output via a batch script and it's coming directly from Splunk as the values being passed.

What would be causing these?

0 Karma


good question...

0 Karma



Saw this - hope its useful:

This script is very used, I use it myself and never had problems.


Rodrigo Ribeiro

0 Karma