Snmp queries to devices

The most widely used SNMP versions are SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). SNMP version 3 (SNMPv3) includes important changes with respect to previous versions, especially in security issues; however, its acceptance has been very low due to some implementation problems and incompatibilities.


  • If you’re using SNMPv1 or v2: Is the device configured with the correct community string in LogicMonitor (either at the global, group or device level)? If no community string is set, LogicMonitor defaults to using public. Note: Some Linux distributions significantly restrict which metrics are exposed if the community string is set to “public”. Therefore, we recommend you set your community string to something else.  See the section below to verify that your device has the correct community string set.
  • If you’re using SNMPv3: Is the device configured with the correct authpass, privpass and username (either at the global, group or device level)? See the section below to verify that your device has the correct v3 credentials set.
    Can queries from the collector device reach the monitored device? 


What is snmpwalk?

snmpwalk is the name given to an SNMP application that executes multiple GETNEXT requests automatically. The SNMP GETNEXT request is used to query a device and grab SNMP data from a device. The snmpwalk command is used because it allows the user to chain GETNEXT requests together without having to enter unique commands for each OID or node within a subtree.

The snmpwalk is issued to the root node of the subtree so that information is collected from each connected node. This gives you an efficient way to collect information from a variety of devices such as routers and switches. The information it collects comes in the form of OIDs. An OID is an object that is part of the MIB within an SNMP-enabled device.

snmpwalk help menu.

[root@cnvtmxomk01 snmp]# snmpwalk -H
Configuration directives understood:
  In snmpwalk.conf and snmpwalk.local.conf:
    includeRequested         (1|yes|true|0|no|false)
    excludeRequested         (1|yes|true|0|no|false)
    printStatistics          (1|yes|true|0|no|false)
    dontCheckOrdering        (1|yes|true|0|no|false)
    timeResults              (1|yes|true|0|no|false)
    timeResultsSingle        (1|yes|true|0|no|false)
  In snmp.conf and snmp.local.conf:
    extraX509SubDir          string
    x509CRLFile              string
    tlsAlgorithms            string
    localCert                string
    peerCert                 string
    alias                    NAME TRANSPORT_DEFINITION
    doDebugging              (1|0)
    debugTokens              token[,token...]
    logTimestamp             (1|yes|true|0|no|false)
    logOption                string
    mibdirs                  [mib-dirs|+mib-dirs|-mib-dirs]
    mibs                     [mib-tokens|+mib-tokens]
    mibfile                  mibfile-to-read
    showMibErrors            (1|yes|true|0|no|false)
    commentToEOL             (1|yes|true|0|no|false)
    strictCommentTerm        (1|yes|true|0|no|false)
    mibAllowUnderline        (1|yes|true|0|no|false)
    mibWarningLevel          integerValue
    mibReplaceWithLatest     (1|yes|true|0|no|false)
    printNumericEnums        (1|yes|true|0|no|false)
    printNumericOids         (1|yes|true|0|no|false)
    escapeQuotes             (1|yes|true|0|no|false)
    dontBreakdownOids        (1|yes|true|0|no|false)
    quickPrinting            (1|yes|true|0|no|false)
    numericTimeticks         (1|yes|true|0|no|false)
    oidOutputFormat          integerValue
    suffixPrinting           integerValue
    extendedIndex            (1|yes|true|0|no|false)
    printHexText             (1|yes|true|0|no|false)
    printValueOnly           (1|yes|true|0|no|false)
    dontPrintUnits           (1|yes|true|0|no|false)
    hexOutputLength          integerValue
    dumpPacket               (1|yes|true|0|no|false)
    reverseEncodeBER         (1|yes|true|0|no|false)
    defaultPort              integerValue
    defCommunity             string
    noTokenWarnings          (1|yes|true|0|no|false)
    noRangeCheck             (1|yes|true|0|no|false)
    persistentDir            string
    tempFilePattern          string
    noDisplayHint            (1|yes|true|0|no|false)
    16bitIDs                 (1|yes|true|0|no|false)
    clientaddr               string
    clientaddrUsesPort       (1|yes|true|0|no|false)
    serverSendBuf            integerValue
    serverRecvBuf            integerValue
    clientSendBuf            integerValue
    clientRecvBuf            integerValue
    noPersistentLoad         (1|yes|true|0|no|false)
    noPersistentSave         (1|yes|true|0|no|false)
    noContextEngineIDDiscovery (1|yes|true|0|no|false)
    timeout                  integerValue
    retries                  integerValue
    defDomain                application domain
    defTarget                application domain target
    dontLoadHostConfig       (1|yes|true|0|no|false)
    defSecurityModel         string
    tsmUseTransportPrefix    (1|yes|true|0|no|false)
    defAuthType              MD5|SHA
    defPrivType              DES|AES
    defSecurityName          string
    defContext               string
    defPassphrase            string
    defAuthPassphrase        string
    defPrivPassphrase        string
    defAuthMasterKey         string
    defPrivMasterKey         string
    defAuthLocalizedKey      string
    defPrivLocalizedKey      string
    defVersion               1|2c|3
    defSecurityLevel         noAuthNoPriv|authNoPriv|authPriv
    trustCert                trustCert FINGERPRINT|FILENAME
  In snmpapp.conf and snmpapp.local.conf:
    defDomain                application domain
    defTarget                application domain target
    engineID                 string
    engineIDType             num
    engineIDNic              string
[root@cnvtmxomk01 snmp]#



How to Use SNMPWALK to Retrieve the System Information

In this section, we will show you how to use the SNMPWALK command in Linux to retrieve the system information.

You can use the following options with the SNMPWALK command to retrieve system information, this with snmp version 1 and 2:

  • -v: Specify the SNMP version.
  • -c: Specify the community string which you have configured on the SNMP.
  • hostname: Specify the hostname or IP address of the system where the SNMP agent is installed.
  • OID: Specify the OID to return all SNMP objects.


snmpwalk -v2c -c <communuty>  <ip_device>


To validate that the machine responds to snmpv3 you must execute the following command:

snmpwalk -v3 -u username -a MD5|SHA -A authphrase -x DES|AES -X privaphrase -l noAuthNoPriv|authNoPriv|authPriv ipaddress|host

 Example:

snmpwalk -v3 -u 'La$taM0mk' -a SHA -A 'j4JJXzz_#Pcok1' -x AES -X 'lWts_Pok1#0n1r' -l AuthPriv Node_test_LATAM


Output:

The following example CLI command will return the IPS temperature information:

Command:snmpwalk -v 2c -c tinapc <IP address> 1.3.6.1.4.1.10734.3.5.2.5.5

Command Explanation:

In this case the CLI command breaks down as following;

snmpwalk                             = SNMP application
-v 2c                                     = specifies what SNMP version to use (1, 2c, 3)
-c tinapc                               = specifies the community string. Note: The IPS has the SNMP read-only community string of "tinapc"
<IP address>                       = specifies the IP address of the IPS device
1.3.6.1.4.1.10734.3.5.2.5.5 = OID parameter for the IPS temperature information

Results:

SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85

Results Explanation:

SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27 = The chassis temperature (27° Celsius / 80.6° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50 = The major threshold value for chassis temperature (50° Celsius / 122° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55 = The critical threshold value of chassis temperature (55° Celsius / 131° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0   = The minimum value of the chassis temperature range ( 0° Celsius / 32° Fahrenheit)
SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85 = The maximum value of the chassis temperature range (85° Celsius / 185° Fahrenheit)