Title: snmp commands
Subject: snmp commands on linux
=================================================================
SNMP shit:
edit snmpd.conf
# VACM configuration entries
rwuser initial
# lets add the new user we'll create too:
rwuser wes
# USM configuration entries
createUser initial MD5 setup_password DES
# Note: User "wes" will be granted administrative privileges.
# Note: passwords (passphrases really) must be 8 characters minimum in length.
# "wes" is cloned from "initial" in the process,
# so he inherits that users password ("setup_password").
snmpusm -v 3 \
-u initial \
-n " -l authNoPriv \
-a MD5 \
-A setup_password localhost \
create wes initial
# Change passphrase for "wes"
snmpusm -v 3 \
-u wes \
-n " \
-l authNoPriv \
-a MD5 \
-A setup_password localhost \
passwd -setup_password new_passphrase
# Perform an authenticated snmpv3 GET request to the agent.
snmpget -v 3 \
-u wes \
-n " \
-l authNoPriv \
-a MD5 \
-A new_passphrase localhost \
sysUpTime.0
# Now, remove the vacm "group" snmpd.conf entry for the "initial" user.
# and you have a valid user 'wes' that you can use.
##
##
######################################################
#
# 1. snmptranslate: learning about the MIB tree.
# From name, get number
snmptranslate system.sysUpTime.0
# .1.3.6.1.2.1.1.3.0
#
# 2. snmpget: retrieving data from a host.
snmptranslate -On .iso.3.6.1.private.enterprises.2021.2.1.prNames.0 enterprises.ucdavis.procTable.prEntry.prNames.0
snmptranslate -Ofn .iso.3.6.1.private.enterprises.2021.2.1.prNames.0
# .iso.org.dod.internet.private.enterprises.ucdavis.prTable.prEntry.prNames.0
snmptranslate -On .iso.3.6.1.private.enterprises.2021.2.1.prNames.0
# enterprises.ucdavis.prTable.prEntry.prNames.0
snmptranslate -On -Ib 'sys.*ime'
# system.sysUpTime
## wild-card lookup
snmptranslate -Ofn -Ib 'sys.*ime'
# .iso.org.dod.internet.mgmt.mib-2.system.sysUpTime
##
snmptranslate -On -TB 'vacm.*table'
# .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmContextTable
# .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmSecurityToGroupTable
# .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmAccessTable
# .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmMIBViews.vacmViewTreeFamilyTable
###########################################
# snmptranslate ifMIB
# .1.3.6.1.2.1.31
# snmptranslate -Ofn .1.3.6.1.2.1.31
# .iso.org.dod.internet.mgmt.mib-2.ifMIB
# vi /etc/ucdsnmp.conf
# view fullview included .iso.org.dod.internet.mgmt.mib-2.ifMIB
# snmpwalk localhost public ifMIB
# <bunch of mib network vlaues are now available>
###########################################
# had to find the odi for a variable hrSystemInitialLoadDevice
# snmpwalk localhost public .1.3.6.1.2.1 |grep hrSystemInitialLoadDevice
# host.hrSystem.hrSystemInitialLoadDevice.0 = 1536
# snmptranslate host.hrSystem.hrSystemInitialLoadDevice.0
# .1.3.6.1.2.1.25.1.3.0
###########################################
## Get info about a mib with -Td (descritpon) flag:
snmptranslate -Td -Ib 'sys.*ime'
# .1.3.6.1.2.1.1.3
# sysUpTime OBJECT-TYPE
# -- FROM SNMPv2-MIB, RFC1213-MIB
# SYNTAX TimeTicks
# MAX-ACCESS read-only
# STATUS current
# DESCRIPTION "The time (in hundredths of a second) since the network
# management portion of the system was last re-initialized."
# ::= { iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) system(1) 3 }
## Get a pretty diagram of mib tree, check out the -Tp flag:
snmptranslate -Tp system
# +--system(1)
# |
# +-- -R-- String sysDescr(1)
# | Textual Convention: DisplayString
# | Size: 0..255
# +-- -R-- ObjID sysObjectID(2)
# +-- -R-- TimeTicks sysUpTime(3)
# +-- -RW- String sysContact(4)
# | Textual Convention: DisplayString
# | Size: 0..255
# +-- -RW- String sysName(5)
# | Textual Convention: DisplayString
# | Size: 0..255
# +-- -RW- String sysLocation(6)
# | Textual Convention: DisplayString
# | Size: 0..255
# +-- -R-- INTEGER sysServices(7)
# | Range: 0..127
# +-- -R-- TimeTicks sysORLastChange(8)
# | Textual Convention: TimeStamp
# |
# +--sysORTable(9)
# |
# +--sysOREntry(1)
# | Index: sysORIndex
# |
# +-- ---- INTEGER sysORIndex(1)
# | Range: 1..2147483647
# +-- -R-- ObjID sysORID(2)
# +-- -R-- String sysORDescr(3)
# | Textual Convention: DisplayString
# | Size: 0..255
# +-- -R-- TimeTicks sysORUpTime(4)
Textual Convention: TimeStamp
##
######################################################
# Get data from remote host given it's hostnmae, community, and oid.
snmpget localhost public system.sysUpTime.0
# system.sysUpTime.0 = Timeticks: (910923) 2:31:49.23
# snmp version 2 example
snmpget -v 2c localhost public system.sysUpTime.0
# system.sysUpTime.0 = Timeticks: (933856) 2:35:38.56
# query for multiple ODI's in one query
snmpget -v 2c localhost public sysUpTime.0 ucdDemoUserList.0
system.sysUpTime.0 = Timeticks: (948272) 2:38:02.72
enterprises.ucdavis.ucdDemoMIB.ucdDemoMIBObjects.ucdDemoPublic.ucdDemoUserList.0 = No Such Object available on this agent
##
######################################################
## Used to retrieve the next oid in the mib tree.
# Here we requesion one oid, and recieve the nex oid back
snmpgetnext localhost public system.sysUpTime.0
# system.sysContact.0 = JohnStile <john@stilen.com> (configure /etc/snmp/snmp.local.conf)
##
######################################################
##
snmpwalk localhost public system
# lots of data
snmptable -w 80 localhost public sysORTable
# Modify
3. snmpgetnext: retrieving unknown indexed data.
4. snmpwalk: retrieving lots of data at once!
5. snmptable: displaying table.
6. snmpset: peforming write operations.
7. snmptrap: Sending and receiving traps, and acting upon them.
1. Sending and receiving SNMPv3 TRAPs and INFORMs
8. Common command options:
1. Using and loading MIBS
2. SNMPv3 Options
3. Customized Output Formats
########################################################
## SNMPv3 INFORMs
1. Stop any currently running snmptrapd
/etc/init.d/snmptrapd stop
2. Create user adding this to /var/ucd-snmp/snmptrapd.conf
###############################################
# myuser="security name"
# mypassword="authentication password"
# myotherpassword="your encryption password"
# <blank for no passwd or same as mypassword>
createUser juan MD5 whatalife DES lifesucks
3. Restart the snmptrapd program.
/etc/init.d/snmptrapd start
4. Now, send trap demon a coldStart INFORM
snmpinform -v 3 \
-u $myuser \
-a MD5 \
-A $mypassword \
-l authNoPriv \
localhost 42 coldStart.0
# You should see snmptrapd output:
#
# 2001-10-31 11:21:05 localhost.localdomain [127.0.0.1]:
# sysUpTimeInstance = Timeticks: (42) 0:00:00.42 snmpTrapOID.0 = OID: coldStart.0
########################################################
## SNMPv3 TRAPs
1. Stop any currently running snmptrapd
/etc/init.d/snmptrapd stop
2. Create user adding this to /var/ucd-snmp/snmptrapd.conf:
createUser -e 0x0102030405 myuser MD5 mypassword DES myotherpassword
# This time we set engineID=0x0102030405
3. (re)start the snmptrapd program.
/etc/init.d/snmptrapd start
4. Now, send trap demon a coldStart TRAP
snmptrap -e 0x0102030405 \
-v 3 \
-u myuser \
-a MD5 \
-A mypassword \
-l authNoPriv \
localhost 42 coldStart.0
########################################################
# READ SNMPv3 working group 18223 lines of text (RFCs 2570 - 2575)
# for details about:
v3 engineIDs,
INFORMs,
TRAPs,
engineID
discovery,
secret keys,
passwords,
localized keys,
etc.
########################################################
# Using local MIBs
# By default mibs load from directories:
$HOME/.snmp/mibs
- then -
/usr/local/share/snmp/mibs
# first, put a custom mib in $HOME/.snmp/mibs
mv CISCO-RHINO-MIB $HOME/.snmp/mibs
# Now, lets use the -m flag to load that custom mib.
snmptranslate -m +CISCO-RHINO-MIB \
-IR ciscoLS1010ChassisFanLed
# Dependency in CISCO-RHINO-MIB for CISCO-SMI
snmptranslate -m +CISCO-RHINO-MIB -IR ciscoLS1010ChassisFanLed
Cannot find module (CISCO-SMI): At line 31 in $HOME/.snmp/mibs/CISCO-RHINO-MIB.my
Unlinked OID in CISCO-RHINO-MIB: ciscoLS1010ChassisMIB ::= { workgroup 11 }
Cannot adopt OID in CISCO-RHINO-MIB: ciscoAtmSwitchInvalidCellHeader ::= { ciscoAtmSwitchInvalidCellHeaderEntry 2 }
... rest of output truncated ...
# Fix dependency by also putting CISCO-SMI in same dir.
mv CISCO-SMI $HOME/.snmp/mibs
# Run it again:
snmptranslate -m +CISCO-RHINO-MIB -IR ciscoLS1010ChassisFanLed
# Load a mib and it's node in one command:
snmptranslate CISCO-RHINO-MIB::ciscoLS1010ChassisFanLed
########################################################
# How do I add a MIB to the tools?
1. Cop new MIB to expected location for MIB files.
cp MY-MIB.txt /usr/local/share/snmp/mibs
or
mkdir $HOME/.snmp
mkdir $HOME/.snmp/mibs
cp MY-MIB.txt $HOME/.snmp/mibs
-And Then -
2. Load new MIB file in the default set.
export MIBS=+MY-MIB
or
alternatively:
echo "mibs +MY-MIB" >> $HOME/.snmp/snmp.conf
########################################################
snmpwalk localhost public ucdavis.memory
enterprises.ucdavis.memory.memErrorName.0 = swap
enterprises.ucdavis.memory.memTotalSwap.0 = 264592
enterprises.ucdavis.memory.memAvailSwap.0 = 175424
enterprises.ucdavis.memory.memTotalReal.0 = 125856
enterprises.ucdavis.memory.memAvailReal.0 = 4272
enterprises.ucdavis.memory.memTotalFree.0 = 179696
enterprises.ucdavis.memory.memMinimumSwap.0 = 16000
enterprises.ucdavis.memory.memShared.0 = 0
enterprises.ucdavis.memory.memBuffer.0 = 3012
enterprises.ucdavis.memory.memCached.0 = 55108
enterprises.ucdavis.memory.memSwapError.0 = 0
enterprises.ucdavis.memory.memSwapErrorMsg.0 =
snmpwalk localhost public ucdavis.dskTable.dskEntry.dskIndex
snmpwalk localhost public ucdavis.dskTable.dskEntry.dskPath
snmpwalk localhost public ucdavis.dskTable.dskEntry.dskUsed
snmpwalk localhost public ucdavis.dskTable.dskEntry.dskTotal
enterprises.ucdavis.dskTable.dskEntry.dskIndex.1 = 1
enterprises.ucdavis.dskTable.dskEntry.dskIndex.2 = 2
enterprises.ucdavis.dskTable.dskEntry.dskIndex.3 = 3
enterprises.ucdavis.dskTable.dskEntry.dskIndex.4 = 4
enterprises.ucdavis.dskTable.dskEntry.dskIndex.5 = 5
enterprises.ucdavis.dskTable.dskEntry.dskPath.1 = /
enterprises.ucdavis.dskTable.dskEntry.dskPath.2 = /home
enterprises.ucdavis.dskTable.dskEntry.dskPath.3 = /opt
enterprises.ucdavis.dskTable.dskEntry.dskPath.4 = /usr
enterprises.ucdavis.dskTable.dskEntry.dskPath.5 = /music
enterprises.ucdavis.dskTable.dskEntry.dskDevice.1 = /dev/hda10
enterprises.ucdavis.dskTable.dskEntry.dskDevice.2 = /dev/system/home
enterprises.ucdavis.dskTable.dskEntry.dskDevice.3 = /dev/system/opt
enterprises.ucdavis.dskTable.dskEntry.dskDevice.4 = /dev/system/usr
enterprises.ucdavis.dskTable.dskEntry.dskDevice.5 = /dev/system/music
enterprises.ucdavis.dskTable.dskEntry.dskTotal.1
enterprises.ucdavis.dskTable.dskEntry.dskUsed.1
enterprises.ucdavis.version.versionConfigureOptions.0
##############################################3
## Setup the snmp.conf file
snmpconf -g basic_setup
# - or -
# Add to your snmp.conf file
rocommunity public
##############################################3
snmpget -m ALL localhost public sysUpTime.0
system.sysUpTime.0 = Timeticks: (6898386) 19:09:43.86
##############################################3
# send traps and notifications
# securityName -u NAME defSecurityName NAME
# authProtocol -a (MD5|SHA) defAuthType (MD5|SHA)
# privProtocol -x DES defPrivType DES
# authKey -A PASSPHRASE defAuthPassphrase PASSPHRASE
# privKey -X PASSPHRASE defPrivPassphrase PASSPHRASE
# securityLevel -l (noAuthNoPriv|authNoPriv|authPriv) defSecurityLevel (noAuthNoPriv|authNoPriv|authPriv)
# context -n CONTEXTNAME defContext CONTEXTNAME
% snmpget -h Usage: snmpget [options...] {} [ ...] ...
-O Toggle various defaults controlling oid printing: OIDOPTS values:
n: Print oids numerically.
e: Print enums numerically.
E: Escape quotes in string indices.
X: Extended index format.
b: Dont break oid indexes down.
q: Quick print for easier parsing.
f: Print full oids on output.
s: Print only last symbolic element of oid.
S: Print MIB module-id plus last element.
t: Print timeticks unparsed as numeric integers.
v: Print values only (not OID = value).