Alerting

Splunk scripted alert not taking the arguments/variables

ajaybguthi
Explorer

Hi
Am trying to configure scripted alerts from Splunk. But Splunk is not taking the arguments that are being passed. seeing the below error in the log files.

Cannot find script at /usr/Splunk/bin/scripts/sendtobmc.sh $5 $0 $1 $2 $3

If i remove the arguments that are being passed ($5 $0 ...) to the script its running the script fine with no issues

Please let me know if am missing anything here.

Thanks
Ajay.

Tags (2)
0 Karma

Gilberto_Castil
Splunk Employee
Splunk Employee

When you specify the script to run via SplunkWeb, you do not need to extropolate which variables are to be passed. Instead, the script can act as wrapper to handle ALL variables.

alt text

At this point, your script has the ability to use the variables.

# sendtobmc.sh
#! /bin/sh

bmcExec=/usr/bin/bmc/myBMCExec.sh
$bmcExec "$5" "$0" "$1" "$2" "$3"

# end of sendtobmc.sh

In essence the script is a handler or a wrapper to handle the output passed by the alert.


gc

0 Karma

JSapienza
Contributor

That's because the variables for the arguments are not defined. Is your scripts expecting the 5 arguments ? Post your script.

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...