mag72

Snmpwalk: Examples, Commands, and Shortcuts

Snmpwalk Examples Commands and Shortcuts

John Cirelly

Snmpwalk is a clever way to get back multiple GETNEXT requests without typing a ton of different commands. This can be especially useful when monitoring applications or infrastructure health. So let’s explore some ways we can use snmpwalk to make administration a little easier.

How SNMP works

Simple Network Management Protocol (SNMP) was first used in the late 1980s to make managing devices in a network more manageable. As more technologies adopted SNMP, it became a staple protocol for querying devices to get back status updates. Some of the most effective monitoring solutions today, like SolarWinds Application Performance Monitor, still offer SNMP as a form of data collection.

Devices that have SNMP capabilities have what’s called an SNMP agent. The agent’s job is to collect information from the device and store it in a database called a Management Information Base (MIB).

When the SNMP manager queries the SNMP agent, data is extracted from the MIB and sent to the manager, where it can be viewed and filtered in whichever flavor monitoring tool you happen to be using. One of the most common ways SNMP managers query information is through GET commands. The GET commands, or GETNEXT commands.

GET commands can extract data by taking the Object Identifier (OID) from the MIB. GETNEXT commands work similarly but go through the entire MIB tree to pull information. Using these commands continuously to gather data can be tedious and inefficient. This is where snmpwalk comes into play.

Example for a SNMPGET command:

snmpget -mALL -v1 -cpublic snmp_agent_Ip_address sysName.0

% snmpget -v2c -cprivate -mALL snmp_agent_Ip_address sysName.0 sysObjectID.0 ilomCtrlDateAndTime.0

SNMPv2-MIB::sysName.0 = STRING: SUNSPHOSTNAME

SNMPv2-MIB::sysObjectID.0 = OID: SUN-ILOM-SMI-MIB::sunILOMSystems

SUN-ILOM-CONTROL-MIB::ilomCtrlDateAndTime.0 = STRING: 2007-12-10,20:33:32.0

What is snmpwalk?

Simply put, snmpwalk is an SNMP application that continuously runs multiple GETNEXT requests automatically. SNMP GETNEXT is used to send a query and take data from that device automatically. Snmpwalk chains GETNEXT requests together without having to input each OID or node within a sub-tree.

Snmpwalk works from the top-down, starting with the root of the sub-tree to pull information from all connecting nodes. This gives you the power to obtain information from multiple devices such as routers, switches, and monitoring sensors.

How to install snmpwalk on Windows

Installing snmpwalk on Windows is a fast and easy process. Simply download the files from SourceForge, and run the executable on your machine. After you run the executable, you’ll be able to run a snmpwalk through your command prompt. You can access your command prompt by clicking on Start and searching for “cmd.”

How to install snmpwalk on Linux

Instructions for installation are just as simple for Linux users. Snmpwalk can be downloaded as a package. This process varies slightly depending on your Linux distro. For Ubuntu, simply type “apt-get install snmp.” Redhat and Fedora distributions can install it by typing “yum install net-snmp-utils

Snmpwalk syntax

While there are many different parameters for snmpwalk, learning them isn’t too hard after a bit of practice. Below are a few of the most common parameters and what they do:

  • Hostname: The SNMP agent name.
  • Object_id: Specifies an object ID to return all SNMP objects under it. If left NULL, the root of the SNMP object is taken as the object_id.
  • Timeout: Specifies the number of seconds before a timeout occurs.
  • Retries: How many times the connection should attempt to reconnect during a timeout.
  • -Os: Displays the last element of an OID.
  • -c: Sets the community string.
  • -v: Sets the SNMP version you wish to use during your session.
  • Community: The type of read community.

Viewing your snmpwalk results

If you run a snmpwalk command, you’ll notice right away that you’re receiving too much information. Even on smaller networks, you can flood yourself with knowledge. To read the information correctly, you’ll need to access the MIB file for that device. The MIB file specifies which OIDs are visible on each device. The MIB file acts as a filter, allowing you to run a specific query to that file.

When running snmpwalk, the agent will provide a range of values starting at your specified OID and then on to the next.

Below is an example of what the snmpwalk command would return on when pulled from the MIB:

% snmpwalk -mALL -v1 -cpublic 10.10.10.10

SNMPv2-MIB::sysDescr.0 = STRING: ILOM machine custom description

SNMPv2-MIB::sysObjectID.0 = OID: SUN-ILOM-SMI-MIB::sunILOMSystems

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (16439826) 1 day, 21:39:58.26

SNMPv2-MIB::sysContact.0 = STRING: set via snmp test

SNMPv2-MIB::sysName.0 = STRING: SUNSPHOSTNAME

SNMPv2-MIB::sysLocation.0 = STRING:

SNMPv2-MIB::sysServices.0 = INTEGER: 72

SNMPv2-MIB::sysORLastChange.0 = Timeticks: (14) 0:00:00.14

SNMPv2-MIB::sysORID.1 = OID: IF-MIB::ifMIB

SNMPv2-MIB::sysORID.2 = OID: SNMPv2-MIB::snmpMIB

SNMPv2-MIB::sysORID.3 = OID: TCP-MIB::tcpMIB

SNMPv2-MIB::sysORID.4 = OID: RFC1213-MIB::ip

SNMPv2-MIB::sysORID.5 = OID: UDP-MIB::udpMIB

SNMPv2-MIB::sysORID.6 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup

SNMPv2-MIB::sysORID.7 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance

SNMPv2-MIB::sysORID.8 = OID: SNMP-MPD-MIB::snmpMPDCompliance

SNMPv2-MIB::sysORID.9 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance

SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module to describe generic objects for network interface sub-layers

SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for SNMPv2 entities

SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing TCP implementations

SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for managing IP and ICMP implementations

SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing UDP implementations

SNMPv2-MIB::sysORDescr.6 = STRING: View-based Access Control Model for SNMP.

SNMPv2-MIB::sysORDescr.7 = STRING: The SNMP Management Architecture MIB.

SNMPv2-MIB::sysORDescr.8 = STRING: The MIB for Message Processing and Dispatching.

SNMPv2-MIB::sysORDescr.9 = STRING: The management information definitions for the SNMP User-based Security Model.

SNMPv2-MIB::sysORUpTime.1 = Timeticks: (1) 0:00:00.01

SNMPv2-MIB::sysORUpTime.2 = Timeticks: (2) 0:00:00.02

SNMPv2-MIB::sysORUpTime.3 = Timeticks: (2) 0:00:00.02

SNMPv2-MIB::sysORUpTime.4 = Timeticks: (2) 0:00:00.02

SNMPv2-MIB::sysORUpTime.5 = Timeticks: (2) 0:00:00.02

SNMPv2-MIB::sysORUpTime.6 = Timeticks: (2) 0:00:00.02

SNMPv2-MIB::sysORUpTime.7 = Timeticks: (14) 0:00:00.14

SNMPv2-MIB::sysORUpTime.8 = Timeticks: (14) 0:00:00.14

SNMPv2-MIB::sysORUpTime.9 = Timeticks: (14) 0:00:00.14

How do I run SNMP GET in Linux?

You can run snmpget can be controlled through a series of switches in Linux. For instance, you can type “snmpget -h” to see a list of helpful commands. Like in the Windows version, snmpget in Linux uses parameters to control the tool’s behavior. If you’re unsure if the utility is installed and running on Linux, you can use the snmpget -V to pull the tool’s version number.

An example of snmpwalk on Linux:

# % snmpwalk-v 1 localhost public system # system.sysDescr.o = “SunOS name sun4c”

# system.sysObjectID.o = OID: enterprises.ucgrand.ucdSnmpAgent.sunos4

# system.sys.UpTime.o = Timeticks (59569698) 69 days, 22:32:55

# system.sysContact.o = “sys_admin@example.org>”

# system.sysName.o = “TestPC_04_WS”

# system.sysLocation.o = “Washington, USA”

# system.sysServices.o = 72

Using MIB with an SNMP agent

When running a snmpwalk command you’ll find that cutting down on the amount of data you get back is key to finding insightful information from your queries. Using a MIB will allow you to only receive the information you’re actually looking for rather than every single object within the database.

MIB analyzers can save you tons of time when running snmpwalk commands, as they organize your query data and make it easier to visualize nodes, sub-trees, and SNMP data. If you find yourself using snmpwalk regularly, having a MIB analyzer tool handy can dramatically improve your workflow and save you time.

MiB analyzers can:

  • Help you easily view the OID structure of SNMP
  • Provide a visual layout of the OID tree
  • Provide a graphical user interface to work from
  • State the OID value along with information about each active node

Using a trusted MIB analyzer can transform walls of snmpwalk text into power SNMP data.

Paessler SNMP, MIBs, and OIDs monitoring with PRTG – FREE TRIAL

Paessler MIB Importer for PRTG

If you’re in the market to get more from your MIBS, Paessler PRTG is a powerful tool that goes beyond simple snmpwalks.

PRTG Network Monitor can deploy SNMP agents, view MIBs, and visualize OIDs all from a single GUI platform. PRTG allows you to quickly build custom SNMP sensors for monitoring, or choose from the dozens of pre-built sensors to start monitoring right away.

The platform makes it easy to start getting back relevant data via SNMP. That data can then be viewed in log form or visualized into key insights through the live reporting dashboard. Even on more extensive networks, sysadmins can use PRTG to sort SNMP data by device or vendor and expand each tree as needed.

You can test out PRTG Network Monitor completely through a 30-day free trial.

Are there any alternatives to SNMP/snmpwalk?

The SNMP protocol has been in existence for so long; there aren’t too many alternatives. So many different vendors adopt SNMP that it has become the standard.

Windows Management Instrumentation (WMI) is similar to SNMP but works only in Windows environments. NETCONF is also similar but is primarily used to modify the configuration of a device.