has anyone ever work with polling system information using snmpget and write it into files
or using a scripted data input to poll them using snmpget?
this is critical for my client who can only offer snmp as the only way to get data from the devices
So, if you wanted to spin it into a key=value pair to make it nice and easy for Splunk, you could do something in Python like this:
import subprocess, re
snmp_proc = subprocess.Popen('snmpget -v <snmp version> -c <community string> <IP> <OID>', shell=True, stdout=subprocess.PIPE)
raw_oid_value = snmp_proc.stdout.read()
oid_value = re.match('^.*Counter64:\s(?P<number>.*?)$', raw_oid_value)
print "snmp_key=" + oid_value
Or, you could just use something simple from a sh script and do all of the parsing in Splunk:
snmpget -c <community string> -v <snmp version> <IP> <OID>
Not to be picky about the example provided, but shouldn't it be something like:
...
oid_value = re.match('^.Counter64:\s(?P
if oid_value:
print "snmp_key=" + oid_value.group(1)
So, if you wanted to spin it into a key=value pair to make it nice and easy for Splunk, you could do something in Python like this:
import subprocess, re
snmp_proc = subprocess.Popen('snmpget -v <snmp version> -c <community string> <IP> <OID>', shell=True, stdout=subprocess.PIPE)
raw_oid_value = snmp_proc.stdout.read()
oid_value = re.match('^.*Counter64:\s(?P<number>.*?)$', raw_oid_value)
print "snmp_key=" + oid_value
Or, you could just use something simple from a sh script and do all of the parsing in Splunk:
snmpget -c <community string> -v <snmp version> <IP> <OID>
What you are asking is no different that any other scripted inputs.
The only advice is to reformat the data from your snmpget command to something very suitable for Splunk (i.e. key=value).