snmpwalk snmpget snmpset snmptrap example

Snmpwalk Example (v3 & v2) + snmpget, snmpset, snmptrap

In this tutorial, I will show you quick and dirty examples on how you can use Net-SNMP tools commands: snmpwalk, snmpget, snmpset, and snmptrap.

Are you familiar with the SNMP protocol? No? Don’t worry, I got you covered with my post – What is SNMP protocol? How does it work? Learn with examples.

However, if you have a basic understanding of SNMP then continue with reading

On Ubuntu/Debian/Rasbian you can install Net-SNMP tools with one simple command: “apt-get install snmp“, or if you have CentOS/RHEL/Fedora you can use “yum install net-snmp net-snmp-utils“.

There is also a Windows version of the Net-SNMP tool but I recommend the SnmpB MIB browser instead to test SNMP and manage MIBs on Windows.

Before you continue, make sure that the host or network firewall is not blocking UDP port 161.

SNMPWALK command

Snmpwalk uses the “SNMP GETNEXT” message type to collect multiple information from a network device in a single SNMP query.

analogy for snmpwalk

snmpwalk v3 example

Examples


# snmpwalk v3 example with authentication and encryption
snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1:161 1.3.6.1.2.1.1

# snmpwalk v3 example with authentication, but no encryption
snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 192.168.1.1:161 1.3.6.1.2.1.1 

# snmpwalk v3 example with no authentication and no encryption but you still needs a username
snmpwalk -v3 -l noAuthNoPriv -u UserMe 192.168.1.1:161 1.3.6.1.2.1.1

# Using OID dot1dTpFdbAddress and SNMPv3 context name to get mac addresses in VLAN 32
snmpwalk -v3 -l authNoPriv -u UserMe -a MD5 -A AuthPass1 -n vlan-32 192.168.1.1 dot1dTpFdbAddress

Syntax

snmpwalk -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid]

snmpwalk v2c example

Examples

# Using OID system (1.3.6.1.2.1.1) to get basic system information about host
snmpwalk -v2c -c public 192.168.1.1:161 1.3.6.1.2.1.1

Syntax

snmpwalk -v2c -c <community> <ipaddress>[:<dest_port>] [oid]

SNMPGET command

A snmpget command is same as snmpwalk, just replace “snmpwalk” with “snmpget” when you run the command like this:

# Using OID sysDescr (1.3.6.1.2.1.1.1) to get system description
snmpget -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 10.1.1.1 1.3.6.1.2.1.1.0
analogy for snmpget

Just remember that “snmpget” is for getting only one value, while snmpwalk can “walk” down the MIB hierarchy and get all the values at once. Also, snmpget needs full OID to get data from the device.

SNMPSET command

Snmpset uses the “SNMP SET” message type to remotely configure a network device over SNMP protocol.

analogy for snmpset

snmpset v3 example

Examples

# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2

Syntax

snmpset -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid] [type] [value]

[type] can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

Need more examples? You can find more detailed examples in my step by step tutorial about SNMP under section SNMP testing tools.

snmpset v2c example

Examples

# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v2c -c private 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2

Syntax

snmpset -v2c -c <community> <ipaddress>[:<dest_port>] [oid] [type] [value]

[type] can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

SNMPTRAP command

Snmptrap uses SNMP TRAP operation to send information to a network manager (NMS) via UDP port 162, so make sure that the host or the network firewall is not blocking that port.

analogy for snmptrap

snmptrap v3 example

Examples

# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using numeric OID
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 ''  1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 60

# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 60

Syntax

snmptrap -v3 -e <engine_id> -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] <uptime> <OID|MIB> [<oid> <type> <value>...]  

<uptime> must be in unix timestamp format or empty string if you need to set current time on trap

<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

snmptrap v2c example

Examples


# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v2c -c public 127.0.0.1 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 6

# Using OID linkUp (1.3.6.1.6.3.1.1.5.4) to send a trap that notifies that eth0 is in UP state
snmptrap -v2c -c public 127.0.0.1 '' '.1.3.6.1.6.3.1.1.5.4' .1.3.6.1.6.3.1.1.5.4 s "eth0"

Syntax

snmptrap -v2c -c <community> <destination_host> <uptime> <OID|MIB> [<oid> <type> <value>...]


<uptime> must be in unix timestamp format or empty string if you need to set current time on trap
 
<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double 

snmptrap v1 example

It is important to note that snmptrap v1 have different syntax, and because of that you can’t use snmptrap v2 or v3 examples.

Examples

snmptrap -v 1 -c public 10.1.1.160 .1.3.6.1.4.1.28116.20 10.0.1.250 6 "" "" 1.3.6.1.4.1.28116.20.1 s "Test Trap"

Syntax

snmptrap -v1 -c <community> <destination_host> <OID|MIB> <sender_ip_address> <trap-type> <trap-id> <uptime> [<oid> <type> <value>...]
 
<trap-type> can be 0=coldStart, 1=warmStart, 2=linkDown, 3=linkUp, 4=authentication Failure, 5=egpNeighborLoss, Generic=6

<trap-id> can be anything, even blank

<uptime> must be in unix timestamp format or a empty string if you need to set current time on trap

<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double 

Configuring and testing traps can be a slow process, as sometimes you depend on another department/customer to confirm the trap arrivals. To resolve that problem, I recommend using SnmpB (100% free MIB browser) that can be installed on your computer and configured to receive SNMP traps – check out my step-by-step guide for SnmpB MIB browser.


Thank you for reading.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll Up