All Apps and Add-ons
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- No Such Instance currently exists at this OID
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
07:23 AM
Hi,
I try it, but i have some errors. I'm trying to query data from my fortigate.
I get these errors:
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" Traceback (most recent call last):
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" File "/opt/splunk/etc/apps/snmp_ta/bin/snmp.py", line 492, in <module>
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" do_run()
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" File "/opt/splunk/etc/apps/snmp_ta/bin/snmp.py", line 316, in do_run
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" lookupNames=True, lookupValues=True)
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" UnboundLocalError: local variable 'oid_args' referenced before assignment
In my splunk index:
FORTINET-FORTIGATE-MIB::fgSysCpuUsage."" = "No Such Instance currently exists at this OID"
FORTINET-CORE-MIB::fnSysSerial."" = "No Such Instance currently exists at this OID"
With MibViewer I have received the snmp reply:
Send snmp get request to x.x.x.x:161
.1.3.6.1.4.1.12356.100.1.1.1.0 (not in loaded mib files) --> FG600C3912801998
Send snmp get request to x.x.x.x1:161
.1.3.6.1.4.1.12356.101.4.1.3.0 (not in loaded mib files) --> 0
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-09-2013
12:56 AM
pffff... I have found the problem.
Wrong Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3
object_names = 1.3.6.1.4.1.12356.101.4.1.3
Good Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
You need to add an ".0" string to end of your query and all it is OK.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-09-2013
12:56 AM
pffff... I have found the problem.
Wrong Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3
object_names = 1.3.6.1.4.1.12356.101.4.1.3
Good Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
You need to add an ".0" string to end of your query and all it is OK.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Damien_Dallimor
Ultra Champion
07-09-2013
08:01 AM
Yes , unless you tell the SNMP Mod Input to do a bulk get (where it will walk the OID tree) , you need to provide the fully qualified OID name (all the way to the leaf).
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
11:22 PM
Hi, my local inputs.conf@snmp_ta:
[snmp://fortigate_A_FORTINET-CORE-MIB_query]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 0
mib_names = FORTINET-CORE-MIB
object_names = 1.3.6.1.4.1.12356.100.1.1.1
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp
split_bulk_output = 0
disabled = 0
[snmp://fortigate_A_FORTINET-FORTIGATE-MIB_query]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 0
mib_names = FORTINET-FORTIGATE-MIB
object_names = 1.3.6.1.4.1.12356.101.4.1.3
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp
split_bulk_output = 0
disabled = 0
[snmp://fortigate_A_trap]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 1
mib_names = FORTINET-FORTIGATE-MIB,FORTINET-CORE-MIB
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp_trap
split_bulk_output = 0
trap_host = y.y.y.y
trap_port = 162
disabled = 0
MIBs reference whitch works with mibviewer.exe:
http://www.oidview.com/mibs/12356/FORTINET-FORTIGATE-MIB.html
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
11:27 PM
I did try with Object Names too, but the result is wronger: no data @ my index. The result is the same with mibviewer.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Damien_Dallimor
Ultra Champion
07-08-2013
08:01 AM
You get the "No Such Instance currently exists at this OID" message if you make an SNMP request for a non-existent OID, or for an OID that has multiple instances without including an appropriate leaf instance identifier.
What does your SNMP configuration in Splunk look like (in the inputs.conf file) ?
Get Updates on the Splunk Community!
Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside
Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk ...
Splunk App Dev Community Updates – What’s New and What’s Next
Welcome to your go-to roundup of everything happening in the Splunk App Dev Community! Whether you're building ...
The Latest Cisco Integrations With Splunk Platform!
Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...
