Snmp queries to devices
The most widely used SNMP versions are SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). SNMP version 3 (SNMPv3) includes important changes with respect to previous versions, especially in security issues; however, its acceptance has been very low due to some implementation problems and incompatibilities.
If you’re using SNMPv1 or v2: Is the device configured with the correct community string in LogicMonitor (either at the global, group or device level)? If no community string is set, LogicMonitor defaults to using public. Note: Some Linux distributions significantly restrict which metrics are exposed if the community string is set to “public”. Therefore, we recommend you set your community string to something else. See the section below to verify that your device has the correct community string set.
If you’re using SNMPv3: Is the device configured with the correct authpass, privpass and username (either at the global, group or device level)? See the section below to verify that your device has the correct v3 credentials set.
Can queries from the collector device reach the monitored device?
What is snmpwalk?
snmpwalk is the name given to an SNMP application that executes multiple GETNEXT requests automatically. The SNMP GETNEXT request is used to query a device and grab SNMP data from a device. The snmpwalk command is used because it allows the user to chain GETNEXT requests together without having to enter unique commands for each OID or node within a subtree.
The snmpwalk is issued to the root node of the subtree so that information is collected from each connected node. This gives you an efficient way to collect information from a variety of devices such as routers and switches. The information it collects comes in the form of OIDs. An OID is an object that is part of the MIB within an SNMP-enabled device.
snmpwalk help menu.
[root@cnvtmxomk01 snmp]# snmpwalk -H
Configuration directives understood:
In snmpwalk.conf and snmpwalk.local.conf:
includeRequested (1|yes|true|0|no|false)
excludeRequested (1|yes|true|0|no|false)
printStatistics (1|yes|true|0|no|false)
dontCheckOrdering (1|yes|true|0|no|false)
timeResults (1|yes|true|0|no|false)
timeResultsSingle (1|yes|true|0|no|false)
In snmp.conf and snmp.local.conf:
extraX509SubDir string
x509CRLFile string
tlsAlgorithms string
localCert string
peerCert string
alias NAME TRANSPORT_DEFINITION
doDebugging (1|0)
debugTokens token[,token...]
logTimestamp (1|yes|true|0|no|false)
logOption string
mibdirs [mib-dirs|+mib-dirs|-mib-dirs]
mibs [mib-tokens|+mib-tokens]
mibfile mibfile-to-read
showMibErrors (1|yes|true|0|no|false)
commentToEOL (1|yes|true|0|no|false)
strictCommentTerm (1|yes|true|0|no|false)
mibAllowUnderline (1|yes|true|0|no|false)
mibWarningLevel integerValue
mibReplaceWithLatest (1|yes|true|0|no|false)
printNumericEnums (1|yes|true|0|no|false)
printNumericOids (1|yes|true|0|no|false)
escapeQuotes (1|yes|true|0|no|false)
dontBreakdownOids (1|yes|true|0|no|false)
quickPrinting (1|yes|true|0|no|false)
numericTimeticks (1|yes|true|0|no|false)
oidOutputFormat integerValue
suffixPrinting integerValue
extendedIndex (1|yes|true|0|no|false)
printHexText (1|yes|true|0|no|false)
printValueOnly (1|yes|true|0|no|false)
dontPrintUnits (1|yes|true|0|no|false)
hexOutputLength integerValue
dumpPacket (1|yes|true|0|no|false)
reverseEncodeBER (1|yes|true|0|no|false)
defaultPort integerValue
defCommunity string
noTokenWarnings (1|yes|true|0|no|false)
noRangeCheck (1|yes|true|0|no|false)
persistentDir string
tempFilePattern string
noDisplayHint (1|yes|true|0|no|false)
16bitIDs (1|yes|true|0|no|false)
clientaddr string
clientaddrUsesPort (1|yes|true|0|no|false)
serverSendBuf integerValue
serverRecvBuf integerValue
clientSendBuf integerValue
clientRecvBuf integerValue
noPersistentLoad (1|yes|true|0|no|false)
noPersistentSave (1|yes|true|0|no|false)
noContextEngineIDDiscovery (1|yes|true|0|no|false)
timeout integerValue
retries integerValue
defDomain application domain
defTarget application domain target
dontLoadHostConfig (1|yes|true|0|no|false)
defSecurityModel string
tsmUseTransportPrefix (1|yes|true|0|no|false)
defAuthType MD5|SHA
defPrivType DES|AES
defSecurityName string
defContext string
defPassphrase string
defAuthPassphrase string
defPrivPassphrase string
defAuthMasterKey string
defPrivMasterKey string
defAuthLocalizedKey string
defPrivLocalizedKey string
defVersion 1|2c|3
defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
trustCert trustCert FINGERPRINT|FILENAME
In snmpapp.conf and snmpapp.local.conf:
defDomain application domain
defTarget application domain target
engineID string
engineIDType num
engineIDNic string
[root@cnvtmxomk01 snmp]#
How to Use SNMPWALK to Retrieve the System Information
In this section, we will show you how to use the SNMPWALK command in Linux to retrieve the system information.
You can use the following options with the SNMPWALK command to retrieve system information, this with snmp version 1 and 2:
-v: Specify the SNMP version.
-c: Specify the community string which you have configured on the SNMP.
hostname: Specify the hostname or IP address of the system where the SNMP agent is installed.
OID: Specify the OID to return all SNMP objects.
snmpwalk -v2c -c <communuty> <ip_device>
To validate that the machine responds to snmpv3 you must execute the following command:
snmpwalk -v3 -u username -a MD5|SHA -A authphrase -x DES|AES -X privaphrase -l noAuthNoPriv|authNoPriv|authPriv ipaddress|hostExample:
snmpwalk -v3 -u 'La$taM0mk' -a SHA -A 'j4JJXzz_#Pcok1' -x AES -X 'lWts_Pok1#0n1r' -l AuthPriv Node_test_LATAM
Output:
The following example CLI command will return the IPS temperature information:
Command:snmpwalk -v 2c -c tinapc <IP address> 1.3.6.1.4.1.10734.3.5.2.5.5
Command Explanation:
In this case the CLI command breaks down as following;
snmpwalk = SNMP application
-v 2c = specifies what SNMP version to use (1, 2c, 3)
-c tinapc = specifies the community string. Note: The IPS has the SNMP read-only community string of "tinapc"
<IP address> = specifies the IP address of the IPS device
1.3.6.1.4.1.10734.3.5.2.5.5 = OID parameter for the IPS temperature information
Results:
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85
Results Explanation:
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27 = The chassis temperature (27° Celsius / 80.6° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50 = The major threshold value for chassis temperature (50° Celsius / 122° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55 = The critical threshold value of chassis temperature (55° Celsius / 131° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0 = The minimum value of the chassis temperature range ( 0° Celsius / 32° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85 = The maximum value of the chassis temperature range (85° Celsius / 185° Fahrenheit)