Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: cannot get search result by snmp modular input
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
now I am meeting difficulty in using snmp moudule inputs,
The OS platform is centos 5.9 , I have installed pyasn and pysnmp,
I create input in snmp moudule,as following
[snmp://172.17.1.4]
communitystring = siten
destination = 172.17.1.4
do_bulk_get = 0
index = eddy
ipv6 = 0
mib_names = CISCO-C2900-MIB,IP-MIB,IF-MIB
port = 161
snmp_mode = attributes
snmp_version = 1
sourcetype = snmp
split_bulk_output = 0
v3_authProtocol = usmHMACMD5AuthProtocol
v3_privProtocol = usmDESPrivProtocol
Howerver, I cannot get the search result, I am sure the snmp polling target 172.17.1.4 is available, wich can be accessed by other snmp tools.
who can tell me what is the trouble? and details setup step? Please, Thanks a lot.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
error log
[11/Jul/2014:15:13:31.161 +0800] "GET /zh-CN/api/shelper?snippet=true&snippetEmbedJS=false&namespace=search&search=search+index%3D_internal+ExecProcessor+error+snmp.py&useTypeahead=true&useAssistant=true&showCommandHelp=true&showCommandHistory=true&showFieldInfo=false&_=1405088827900 HTTP/1.1" 200 628 "https://172.16.11.26:8000/zh-CN/app/search/search?q=search%20index%3D_internal%20%20snmp.py&earliest..." "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36" - 53bf8e9b295115410 29ms
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Many thanks for suggestion,
1. sourcetype name has been changed as "snmp_ta", however , maybe the sourcetype name is not the key point
- I just to check the result by search "index=eddy" ,
3.some network device, for example, cisco 2900, 3560, Juniper ex220 , Are these MIBS included in the default egg? which mibs should i choose to polling these devices? just for CPU ,MEM,INTERFACE, or i have to import customer mib? Please give me more guide ,
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Index This | What travels the world but is also stuck in place?
Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data
Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...
