Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
All Apps and Add-ons
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- No Such Instance currently exists at this OID
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
07:23 AM
Hi,
I try it, but i have some errors. I'm trying to query data from my fortigate.
I get these errors:
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" Traceback (most recent call last):
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" File "/opt/splunk/etc/apps/snmp_ta/bin/snmp.py", line 492, in <module>
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" do_run()
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" File "/opt/splunk/etc/apps/snmp_ta/bin/snmp.py", line 316, in do_run
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" lookupNames=True, lookupValues=True)
/opt/splunk/etc/apps/snmp_ta/bin/snmp.py" UnboundLocalError: local variable 'oid_args' referenced before assignment
In my splunk index:
FORTINET-FORTIGATE-MIB::fgSysCpuUsage."" = "No Such Instance currently exists at this OID"
FORTINET-CORE-MIB::fnSysSerial."" = "No Such Instance currently exists at this OID"
With MibViewer I have received the snmp reply:
Send snmp get request to x.x.x.x:161
.1.3.6.1.4.1.12356.100.1.1.1.0 (not in loaded mib files) --> FG600C3912801998
Send snmp get request to x.x.x.x1:161
.1.3.6.1.4.1.12356.101.4.1.3.0 (not in loaded mib files) --> 0
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-09-2013
12:56 AM
pffff... I have found the problem.
Wrong Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3
object_names = 1.3.6.1.4.1.12356.101.4.1.3
Good Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
You need to add an ".0" string to end of your query and all it is OK.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-09-2013
12:56 AM
pffff... I have found the problem.
Wrong Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3
object_names = 1.3.6.1.4.1.12356.101.4.1.3
Good Settings:
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
object_names = 1.3.6.1.4.1.12356.101.4.1.3.0
You need to add an ".0" string to end of your query and all it is OK.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Damien_Dallimor
Ultra Champion
07-09-2013
08:01 AM
Yes , unless you tell the SNMP Mod Input to do a bulk get (where it will walk the OID tree) , you need to provide the fully qualified OID name (all the way to the leaf).
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
11:22 PM
Hi, my local inputs.conf@snmp_ta:
[snmp://fortigate_A_FORTINET-CORE-MIB_query]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 0
mib_names = FORTINET-CORE-MIB
object_names = 1.3.6.1.4.1.12356.100.1.1.1
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp
split_bulk_output = 0
disabled = 0
[snmp://fortigate_A_FORTINET-FORTIGATE-MIB_query]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 0
mib_names = FORTINET-FORTIGATE-MIB
object_names = 1.3.6.1.4.1.12356.101.4.1.3
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp
split_bulk_output = 0
disabled = 0
[snmp://fortigate_A_trap]
communitystring = forti
destination = x.x.x.x
do_bulk_get = 0
host = x.x.x.x
index = snmp
ipv6 = 0
listen_traps = 1
mib_names = FORTINET-FORTIGATE-MIB,FORTINET-CORE-MIB
port = 161
snmp_version = 2C
snmpinterval = 60
sourcetype = snmp_trap
split_bulk_output = 0
trap_host = y.y.y.y
trap_port = 162
disabled = 0
MIBs reference whitch works with mibviewer.exe:
http://www.oidview.com/mibs/12356/FORTINET-FORTIGATE-MIB.html
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
szaboszilard
Path Finder
07-08-2013
11:27 PM
I did try with Object Names too, but the result is wronger: no data @ my index. The result is the same with mibviewer.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Damien_Dallimor
Ultra Champion
07-08-2013
08:01 AM
You get the "No Such Instance currently exists at this OID" message if you make an SNMP request for a non-existent OID, or for an OID that has multiple instances without including an appropriate leaf instance identifier.
What does your SNMP configuration in Splunk look like (in the inputs.conf file) ?
Get Updates on the Splunk Community!
Introducing Splunk Enterprise 9.2
WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...
Adoption of RUM and APM at Splunk
Unleash the power of Splunk Observability
Watch Now
In this can't miss Tech Talk! The Splunk Growth ...
Routing logs with Splunk OTel Collector for Kubernetes
The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...
