Snmp queries to devices
The most widely used SNMP versions are SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). SNMP version 3 (SNMPv3) includes important changes with respect to previous versions, especially in security issues; however, its acceptance has been very low due to some implementation problems and incompatibilities.
- If you’re using SNMPv1 or v2: Is the device configured with the correct community string in LogicMonitor (either at the global, group or device level)? If no community string is set, LogicMonitor defaults to using public. Note: Some Linux distributions significantly restrict which metrics are exposed if the community string is set to “public”. Therefore, we recommend you set your community string to something else. See the section below to verify that your device has the correct community string set.
- If you’re using SNMPv3: Is the device configured with the correct authpass, privpass and username (either at the global, group or device level)? See the section below to verify that your device has the correct v3 credentials set.
Can queries from the collector device reach the monitored device?
What is snmpwalk?
snmpwalk is the name given to an SNMP application that executes multiple GETNEXT requests automatically. The SNMP GETNEXT request is used to query a device and grab SNMP data from a device. The snmpwalk command is used because it allows the user to chain GETNEXT requests together without having to enter unique commands for each OID or node within a subtree.
The snmpwalk is issued to the root node of the subtree so that information is collected from each connected node. This gives you an efficient way to collect information from a variety of devices such as routers and switches. The information it collects comes in the form of OIDs. An OID is an object that is part of the MIB within an SNMP-enabled device.
snmpwalk help menu.
[root@cnvtmxomk01 snmp]# snmpwalk -H Configuration directives understood: In snmpwalk.conf and snmpwalk.local.conf: includeRequested (1|yes|true|0|no|false) excludeRequested (1|yes|true|0|no|false) printStatistics (1|yes|true|0|no|false) dontCheckOrdering (1|yes|true|0|no|false) timeResults (1|yes|true|0|no|false) timeResultsSingle (1|yes|true|0|no|false) In snmp.conf and snmp.local.conf: extraX509SubDir string x509CRLFile string tlsAlgorithms string localCert string peerCert string alias NAME TRANSPORT_DEFINITION doDebugging (1|0) debugTokens token[,token...] logTimestamp (1|yes|true|0|no|false) logOption string mibdirs [mib-dirs|+mib-dirs|-mib-dirs] mibs [mib-tokens|+mib-tokens] mibfile mibfile-to-read showMibErrors (1|yes|true|0|no|false) commentToEOL (1|yes|true|0|no|false) strictCommentTerm (1|yes|true|0|no|false) mibAllowUnderline (1|yes|true|0|no|false) mibWarningLevel integerValue mibReplaceWithLatest (1|yes|true|0|no|false) printNumericEnums (1|yes|true|0|no|false) printNumericOids (1|yes|true|0|no|false) escapeQuotes (1|yes|true|0|no|false) dontBreakdownOids (1|yes|true|0|no|false) quickPrinting (1|yes|true|0|no|false) numericTimeticks (1|yes|true|0|no|false) oidOutputFormat integerValue suffixPrinting integerValue extendedIndex (1|yes|true|0|no|false) printHexText (1|yes|true|0|no|false) printValueOnly (1|yes|true|0|no|false) dontPrintUnits (1|yes|true|0|no|false) hexOutputLength integerValue dumpPacket (1|yes|true|0|no|false) reverseEncodeBER (1|yes|true|0|no|false) defaultPort integerValue defCommunity string noTokenWarnings (1|yes|true|0|no|false) noRangeCheck (1|yes|true|0|no|false) persistentDir string tempFilePattern string noDisplayHint (1|yes|true|0|no|false) 16bitIDs (1|yes|true|0|no|false) clientaddr string clientaddrUsesPort (1|yes|true|0|no|false) serverSendBuf integerValue serverRecvBuf integerValue clientSendBuf integerValue clientRecvBuf integerValue noPersistentLoad (1|yes|true|0|no|false) noPersistentSave (1|yes|true|0|no|false) noContextEngineIDDiscovery (1|yes|true|0|no|false) timeout integerValue retries integerValue defDomain application domain defTarget application domain target dontLoadHostConfig (1|yes|true|0|no|false) defSecurityModel string tsmUseTransportPrefix (1|yes|true|0|no|false) defAuthType MD5|SHA defPrivType DES|AES defSecurityName string defContext string defPassphrase string defAuthPassphrase string defPrivPassphrase string defAuthMasterKey string defPrivMasterKey string defAuthLocalizedKey string defPrivLocalizedKey string defVersion 1|2c|3 defSecurityLevel noAuthNoPriv|authNoPriv|authPriv trustCert trustCert FINGERPRINT|FILENAME In snmpapp.conf and snmpapp.local.conf: defDomain application domain defTarget application domain target engineID string engineIDType num engineIDNic string [root@cnvtmxomk01 snmp]#
How to Use SNMPWALK to Retrieve the System Information
In this section, we will show you how to use the SNMPWALK command in Linux to retrieve the system information.
You can use the following options with the SNMPWALK command to retrieve system information, this with snmp version 1 and 2:
- -v: Specify the SNMP version.
- -c: Specify the community string which you have configured on the SNMP.
- hostname: Specify the hostname or IP address of the system where the SNMP agent is installed.
- OID: Specify the OID to return all SNMP objects.
snmpwalk -v2c -c <communuty> <ip_device>
To validate that the machine responds to snmpv3 you must execute the following command:
snmpwalk -v3 -u username -a MD5|SHA -A authphrase -x DES|AES -X privaphrase -l noAuthNoPriv|authNoPriv|authPriv ipaddress|host
Example:
snmpwalk -v3 -u 'La$taM0mk' -a SHA -A 'j4JJXzz_#Pcok1' -x AES -X 'lWts_Pok1#0n1r' -l AuthPriv Node_test_LATAM
Output:
The following example CLI command will return the IPS temperature information: Command:snmpwalk -v 2c -c tinapc <IP address> 1.3.6.1.4.1.10734.3.5.2.5.5 Command Explanation: In this case the CLI command breaks down as following; snmpwalk = SNMP application -v 2c = specifies what SNMP version to use (1, 2c, 3) -c tinapc = specifies the community string. Note: The IPS has the SNMP read-only community string of "tinapc" <IP address> = specifies the IP address of the IPS device 1.3.6.1.4.1.10734.3.5.2.5.5 = OID parameter for the IPS temperature information Results: SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27 SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50 SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55 SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0 SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85 Results Explanation: SNMPv2-SMI::enterprises.10734.3.5.2.5.5.1.0 = INTEGER: 27 = The chassis temperature (27° Celsius / 80.6° Fahrenheit) SNMPv2-SMI::enterprises.10734.3.5.2.5.5.2.0 = INTEGER: 50 = The major threshold value for chassis temperature (50° Celsius / 122° Fahrenheit) SNMPv2-SMI::enterprises.10734.3.5.2.5.5.3.0 = INTEGER: 55 = The critical threshold value of chassis temperature (55° Celsius / 131° Fahrenheit) SNMPv2-SMI::enterprises.10734.3.5.2.5.5.4.0 = INTEGER: 0 = The minimum value of the chassis temperature range ( 0° Celsius / 32° Fahrenheit) SNMPv2-SMI::enterprises.10734.3.5.2.5.5.5.0 = INTEGER: 85 = The maximum value of the chassis temperature range (85° Celsius / 185° Fahrenheit)