Title: snmp commands Subject: snmp commands on linux ================================================================= SNMP shit: edit snmpd.conf # VACM configuration entries rwuser initial # lets add the new user we'll create too: rwuser wes # USM configuration entries createUser initial MD5 setup_password DES # Note: User "wes" will be granted administrative privileges. # Note: passwords (passphrases really) must be 8 characters minimum in length. # "wes" is cloned from "initial" in the process, # so he inherits that users password ("setup_password"). snmpusm -v 3 \ -u initial \ -n " -l authNoPriv \ -a MD5 \ -A setup_password localhost \ create wes initial # Change passphrase for "wes" snmpusm -v 3 \ -u wes \ -n " \ -l authNoPriv \ -a MD5 \ -A setup_password localhost \ passwd -setup_password new_passphrase # Perform an authenticated snmpv3 GET request to the agent. snmpget -v 3 \ -u wes \ -n " \ -l authNoPriv \ -a MD5 \ -A new_passphrase localhost \ sysUpTime.0 # Now, remove the vacm "group" snmpd.conf entry for the "initial" user. # and you have a valid user 'wes' that you can use. ## ## ###################################################### # # 1. snmptranslate: learning about the MIB tree. # From name, get number snmptranslate system.sysUpTime.0 # .1.3.6.1.2.1.1.3.0 # # 2. snmpget: retrieving data from a host. snmptranslate -On .iso.3.6.1.private.enterprises.2021.2.1.prNames.0 enterprises.ucdavis.procTable.prEntry.prNames.0 snmptranslate -Ofn .iso.3.6.1.private.enterprises.2021.2.1.prNames.0 # .iso.org.dod.internet.private.enterprises.ucdavis.prTable.prEntry.prNames.0 snmptranslate -On .iso.3.6.1.private.enterprises.2021.2.1.prNames.0 # enterprises.ucdavis.prTable.prEntry.prNames.0 snmptranslate -On -Ib 'sys.*ime' # system.sysUpTime ## wild-card lookup snmptranslate -Ofn -Ib 'sys.*ime' # .iso.org.dod.internet.mgmt.mib-2.system.sysUpTime ## snmptranslate -On -TB 'vacm.*table' # .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmContextTable # .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmSecurityToGroupTable # .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmAccessTable # .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmMIBViews.vacmViewTreeFamilyTable ########################################### # snmptranslate ifMIB # .1.3.6.1.2.1.31 # snmptranslate -Ofn .1.3.6.1.2.1.31 # .iso.org.dod.internet.mgmt.mib-2.ifMIB # vi /etc/ucdsnmp.conf # view fullview included .iso.org.dod.internet.mgmt.mib-2.ifMIB # snmpwalk localhost public ifMIB # ########################################### # had to find the odi for a variable hrSystemInitialLoadDevice # snmpwalk localhost public .1.3.6.1.2.1 |grep hrSystemInitialLoadDevice # host.hrSystem.hrSystemInitialLoadDevice.0 = 1536 # snmptranslate host.hrSystem.hrSystemInitialLoadDevice.0 # .1.3.6.1.2.1.25.1.3.0 ########################################### ## Get info about a mib with -Td (descritpon) flag: snmptranslate -Td -Ib 'sys.*ime' # .1.3.6.1.2.1.1.3 # sysUpTime OBJECT-TYPE # -- FROM SNMPv2-MIB, RFC1213-MIB # SYNTAX TimeTicks # MAX-ACCESS read-only # STATUS current # DESCRIPTION "The time (in hundredths of a second) since the network # management portion of the system was last re-initialized." # ::= { iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) system(1) 3 } ## Get a pretty diagram of mib tree, check out the -Tp flag: snmptranslate -Tp system # +--system(1) # | # +-- -R-- String sysDescr(1) # | Textual Convention: DisplayString # | Size: 0..255 # +-- -R-- ObjID sysObjectID(2) # +-- -R-- TimeTicks sysUpTime(3) # +-- -RW- String sysContact(4) # | Textual Convention: DisplayString # | Size: 0..255 # +-- -RW- String sysName(5) # | Textual Convention: DisplayString # | Size: 0..255 # +-- -RW- String sysLocation(6) # | Textual Convention: DisplayString # | Size: 0..255 # +-- -R-- INTEGER sysServices(7) # | Range: 0..127 # +-- -R-- TimeTicks sysORLastChange(8) # | Textual Convention: TimeStamp # | # +--sysORTable(9) # | # +--sysOREntry(1) # | Index: sysORIndex # | # +-- ---- INTEGER sysORIndex(1) # | Range: 1..2147483647 # +-- -R-- ObjID sysORID(2) # +-- -R-- String sysORDescr(3) # | Textual Convention: DisplayString # | Size: 0..255 # +-- -R-- TimeTicks sysORUpTime(4) Textual Convention: TimeStamp ## ###################################################### # Get data from remote host given it's hostnmae, community, and oid. snmpget localhost public system.sysUpTime.0 # system.sysUpTime.0 = Timeticks: (910923) 2:31:49.23 # snmp version 2 example snmpget -v 2c localhost public system.sysUpTime.0 # system.sysUpTime.0 = Timeticks: (933856) 2:35:38.56 # query for multiple ODI's in one query snmpget -v 2c localhost public sysUpTime.0 ucdDemoUserList.0 system.sysUpTime.0 = Timeticks: (948272) 2:38:02.72 enterprises.ucdavis.ucdDemoMIB.ucdDemoMIBObjects.ucdDemoPublic.ucdDemoUserList.0 = No Such Object available on this agent ## ###################################################### ## Used to retrieve the next oid in the mib tree. # Here we requesion one oid, and recieve the nex oid back snmpgetnext localhost public system.sysUpTime.0 # system.sysContact.0 = JohnStile (configure /etc/snmp/snmp.local.conf) ## ###################################################### ## snmpwalk localhost public system # lots of data snmptable -w 80 localhost public sysORTable # Modify 3. snmpgetnext: retrieving unknown indexed data. 4. snmpwalk: retrieving lots of data at once! 5. snmptable: displaying table. 6. snmpset: peforming write operations. 7. snmptrap: Sending and receiving traps, and acting upon them. 1. Sending and receiving SNMPv3 TRAPs and INFORMs 8. Common command options: 1. Using and loading MIBS 2. SNMPv3 Options 3. Customized Output Formats ######################################################## ## SNMPv3 INFORMs 1. Stop any currently running snmptrapd /etc/init.d/snmptrapd stop 2. Create user adding this to /var/ucd-snmp/snmptrapd.conf ############################################### # myuser="security name" # mypassword="authentication password" # myotherpassword="your encryption password" # createUser juan MD5 whatalife DES lifesucks 3. Restart the snmptrapd program. /etc/init.d/snmptrapd start 4. Now, send trap demon a coldStart INFORM snmpinform -v 3 \ -u $myuser \ -a MD5 \ -A $mypassword \ -l authNoPriv \ localhost 42 coldStart.0 # You should see snmptrapd output: # # 2001-10-31 11:21:05 localhost.localdomain [127.0.0.1]: # sysUpTimeInstance = Timeticks: (42) 0:00:00.42 snmpTrapOID.0 = OID: coldStart.0 ######################################################## ## SNMPv3 TRAPs 1. Stop any currently running snmptrapd /etc/init.d/snmptrapd stop 2. Create user adding this to /var/ucd-snmp/snmptrapd.conf: createUser -e 0x0102030405 myuser MD5 mypassword DES myotherpassword # This time we set engineID=0x0102030405 3. (re)start the snmptrapd program. /etc/init.d/snmptrapd start 4. Now, send trap demon a coldStart TRAP snmptrap -e 0x0102030405 \ -v 3 \ -u myuser \ -a MD5 \ -A mypassword \ -l authNoPriv \ localhost 42 coldStart.0 ######################################################## # READ SNMPv3 working group 18223 lines of text (RFCs 2570 - 2575) # for details about: v3 engineIDs, INFORMs, TRAPs, engineID discovery, secret keys, passwords, localized keys, etc. ######################################################## # Using local MIBs # By default mibs load from directories: $HOME/.snmp/mibs - then - /usr/local/share/snmp/mibs # first, put a custom mib in $HOME/.snmp/mibs mv CISCO-RHINO-MIB $HOME/.snmp/mibs # Now, lets use the -m flag to load that custom mib. snmptranslate -m +CISCO-RHINO-MIB \ -IR ciscoLS1010ChassisFanLed # Dependency in CISCO-RHINO-MIB for CISCO-SMI snmptranslate -m +CISCO-RHINO-MIB -IR ciscoLS1010ChassisFanLed Cannot find module (CISCO-SMI): At line 31 in $HOME/.snmp/mibs/CISCO-RHINO-MIB.my Unlinked OID in CISCO-RHINO-MIB: ciscoLS1010ChassisMIB ::= { workgroup 11 } Cannot adopt OID in CISCO-RHINO-MIB: ciscoAtmSwitchInvalidCellHeader ::= { ciscoAtmSwitchInvalidCellHeaderEntry 2 } ... rest of output truncated ... # Fix dependency by also putting CISCO-SMI in same dir. mv CISCO-SMI $HOME/.snmp/mibs # Run it again: snmptranslate -m +CISCO-RHINO-MIB -IR ciscoLS1010ChassisFanLed # Load a mib and it's node in one command: snmptranslate CISCO-RHINO-MIB::ciscoLS1010ChassisFanLed ######################################################## # How do I add a MIB to the tools? 1. Cop new MIB to expected location for MIB files. cp MY-MIB.txt /usr/local/share/snmp/mibs or mkdir $HOME/.snmp mkdir $HOME/.snmp/mibs cp MY-MIB.txt $HOME/.snmp/mibs -And Then - 2. Load new MIB file in the default set. export MIBS=+MY-MIB or alternatively: echo "mibs +MY-MIB" >> $HOME/.snmp/snmp.conf ######################################################## snmpwalk localhost public ucdavis.memory enterprises.ucdavis.memory.memErrorName.0 = swap enterprises.ucdavis.memory.memTotalSwap.0 = 264592 enterprises.ucdavis.memory.memAvailSwap.0 = 175424 enterprises.ucdavis.memory.memTotalReal.0 = 125856 enterprises.ucdavis.memory.memAvailReal.0 = 4272 enterprises.ucdavis.memory.memTotalFree.0 = 179696 enterprises.ucdavis.memory.memMinimumSwap.0 = 16000 enterprises.ucdavis.memory.memShared.0 = 0 enterprises.ucdavis.memory.memBuffer.0 = 3012 enterprises.ucdavis.memory.memCached.0 = 55108 enterprises.ucdavis.memory.memSwapError.0 = 0 enterprises.ucdavis.memory.memSwapErrorMsg.0 = snmpwalk localhost public ucdavis.dskTable.dskEntry.dskIndex snmpwalk localhost public ucdavis.dskTable.dskEntry.dskPath snmpwalk localhost public ucdavis.dskTable.dskEntry.dskUsed snmpwalk localhost public ucdavis.dskTable.dskEntry.dskTotal enterprises.ucdavis.dskTable.dskEntry.dskIndex.1 = 1 enterprises.ucdavis.dskTable.dskEntry.dskIndex.2 = 2 enterprises.ucdavis.dskTable.dskEntry.dskIndex.3 = 3 enterprises.ucdavis.dskTable.dskEntry.dskIndex.4 = 4 enterprises.ucdavis.dskTable.dskEntry.dskIndex.5 = 5 enterprises.ucdavis.dskTable.dskEntry.dskPath.1 = / enterprises.ucdavis.dskTable.dskEntry.dskPath.2 = /home enterprises.ucdavis.dskTable.dskEntry.dskPath.3 = /opt enterprises.ucdavis.dskTable.dskEntry.dskPath.4 = /usr enterprises.ucdavis.dskTable.dskEntry.dskPath.5 = /music enterprises.ucdavis.dskTable.dskEntry.dskDevice.1 = /dev/hda10 enterprises.ucdavis.dskTable.dskEntry.dskDevice.2 = /dev/system/home enterprises.ucdavis.dskTable.dskEntry.dskDevice.3 = /dev/system/opt enterprises.ucdavis.dskTable.dskEntry.dskDevice.4 = /dev/system/usr enterprises.ucdavis.dskTable.dskEntry.dskDevice.5 = /dev/system/music enterprises.ucdavis.dskTable.dskEntry.dskTotal.1 enterprises.ucdavis.dskTable.dskEntry.dskUsed.1 enterprises.ucdavis.version.versionConfigureOptions.0 ##############################################3 ## Setup the snmp.conf file snmpconf -g basic_setup # - or - # Add to your snmp.conf file rocommunity public ##############################################3 snmpget -m ALL localhost public sysUpTime.0 system.sysUpTime.0 = Timeticks: (6898386) 19:09:43.86 ##############################################3 # send traps and notifications # securityName -u NAME defSecurityName NAME # authProtocol -a (MD5|SHA) defAuthType (MD5|SHA) # privProtocol -x DES defPrivType DES # authKey -A PASSPHRASE defAuthPassphrase PASSPHRASE # privKey -X PASSPHRASE defPrivPassphrase PASSPHRASE # securityLevel -l (noAuthNoPriv|authNoPriv|authPriv) defSecurityLevel (noAuthNoPriv|authNoPriv|authPriv) # context -n CONTEXTNAME defContext CONTEXTNAME % snmpget -h Usage: snmpget [options...] {} [ ...] ... -O Toggle various defaults controlling oid printing: OIDOPTS values: n: Print oids numerically. e: Print enums numerically. E: Escape quotes in string indices. X: Extended index format. b: Dont break oid indexes down. q: Quick print for easier parsing. f: Print full oids on output. s: Print only last symbolic element of oid. S: Print MIB module-id plus last element. t: Print timeticks unparsed as numeric integers. v: Print values only (not OID = value).