Why does the output for triggered alert scripts in...

ss250858 · ‎11-15-2016

I am calling a script on a triggered alert to send an snmp trap, but it was coming across like this.

"index^=common^ sourcetype^=processor^ source^=*Online*^ ^(REQ^ OR^ RSP^)^ earliest^=-5m@m^ latest^=now^ ^

I thought it was something snmp was doing but i redirected the output via a batch script and it's coming directly from Splunk as the values being passed.

What would be causing these?

cmisztur · ‎07-07-2017

good question...

rodrigorsilva · ‎11-17-2016

Hi,

Saw this - hope its useful:

https://answers.splunk.com/answers/68372/generate-snmp-trap-from-splunk.html

This script is very used, I use it myself and never had problems.

Tks

Rodrigo Ribeiro

Why does the output for triggered alert scripts in Splunk contain ^ (hats/caret) characters?

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

Why does the output for triggered alert scripts in Splunk contain ^ (hats/caret) characters?

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >