Alerting

Why does the output for triggered alert scripts in Splunk contain ^ (hats/caret) characters?

ss250858
New Member

I am calling a script on a triggered alert to send an snmp trap, but it was coming across like this.

"index^=common^ sourcetype^=processor^ source^=*Online*^ ^(REQ^ OR^ RSP^)^ earliest^=-5m@m^ latest^=now^ ^

I thought it was something snmp was doing but i redirected the output via a batch script and it's coming directly from Splunk as the values being passed.

What would be causing these?

0 Karma

cmisztur
Explorer

good question...

0 Karma

rodrigorsilva
Communicator

Hi,

Saw this - hope its useful:

https://answers.splunk.com/answers/68372/generate-snmp-trap-from-splunk.html

This script is very used, I use it myself and never had problems.

Tks

Rodrigo Ribeiro

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.