The snmpwalk command is one of the most used tools on Linux for testing SNMP on the network devices. In this tutorial, I will show you how to use that command using various snmpwalk examples (v3 and v2c), and also examples of other commands from the Net-SNMP toolkit: snmpget, snmpset, and snmptrap.
Are you familiar with the SNMP protocol? No? Don’t worry, I got you covered with my post – What is SNMP protocol? How does it work? Learn with examples.
However, if you have a basic understanding of SNMP then continue with reading
On Ubuntu/Debian/Rasbian you can install Net-SNMP tools with one simple command: “apt-get install snmp“, or if you have CentOS/RHEL/Fedora you can use “yum install net-snmp net-snmp-utils“.
There is also a Windows version of the Net-SNMP tool but I recommend the SnmpB MIB browser instead to test SNMP and manage MIBs on Windows.
Before you continue, make sure that the host or network firewall is not blocking UDP port 161.
SNMPWALK command
Snmpwalk uses the “SNMP GETNEXT” message type to collect multiple information from a network device in a single SNMP query.
snmpwalk v3 example
Examples
# snmpwalk v3 example with authentication and encryption
snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1:161 1.3.6.1.2.1.1
# snmpwalk v3 example with authentication, but no encryption
snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 192.168.1.1:161 1.3.6.1.2.1.1
# snmpwalk v3 example with no authentication and no encryption but you still needs a username
snmpwalk -v3 -l noAuthNoPriv -u UserMe 192.168.1.1:161 1.3.6.1.2.1.1
# Using OID dot1dTpFdbAddress and SNMPv3 context name to get mac addresses in VLAN 32
snmpwalk -v3 -l authNoPriv -u UserMe -a MD5 -A AuthPass1 -n vlan-32 192.168.1.1 dot1dTpFdbAddress
Syntax
snmpwalk -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
[-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid]
snmpwalk v2c example
Examples
# Using OID system (1.3.6.1.2.1.1) to get basic system information about host
snmpwalk -v2c -c public 192.168.1.1:161 1.3.6.1.2.1.1
Syntax
snmpwalk -v2c -c <community> <ipaddress>[:<dest_port>] [oid]
SNMPGET command
A snmpget command is similar to the snmpwalk, just replace “snmpwalk” with “snmpget” when you run the command like this:
# Using OID sysDescr (1.3.6.1.2.1.1.1) to get system description
snmpget -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 10.1.1.1 1.3.6.1.2.1.1.0
Just remember that “snmpget” is for getting only one value, while snmpwalk can “walk” down the MIB hierarchy and get all the values at once. Also, snmpget needs full OID to get data from the device.
SNMPSET command
Snmpset uses the “SNMP SET” message type to remotely configure a network device over SNMP protocol.
snmpset v3 example
Examples
# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2
Syntax
snmpset -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
[-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid] [type] [value]
[type] can be one of i, u, t, a, o, s, x, d, b
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
U: unsigned int64, I: signed int64, F: float, D: double
Need more examples? You can find more detailed examples in my step by step tutorial about SNMP under section SNMP testing tools.
snmpset v2c example
Examples
# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v2c -c private 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2
Syntax
snmpset -v2c -c <community> <ipaddress>[:<dest_port>] [oid] [type] [value]
[type] can be one of i, u, t, a, o, s, x, d, b
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
U: unsigned int64, I: signed int64, F: float, D: double
SNMPTRAP command
Snmptrap uses SNMP TRAP operation to send information to a network manager (NMS) via UDP port 162, so make sure that the host or the network firewall is not blocking that port.
snmptrap v3 example
Examples
# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using numeric OID
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 60
# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 60
Syntax
snmptrap -v3 -e <engine_id> -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
[-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] <uptime> <OID|MIB> [<oid> <type> <value>...]
<uptime> must be in unix timestamp format or empty string if you need to set current time on trap
<type> can be one of i, u, t, a, o, s, x, d, b
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
U: unsigned int64, I: signed int64, F: float, D: double
snmptrap v2c example
Examples
# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v2c -c public 127.0.0.1 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 6
# Using OID linkUp (1.3.6.1.6.3.1.1.5.4) to send a trap that notifies that eth0 is in UP state
snmptrap -v2c -c public 127.0.0.1 '' '.1.3.6.1.6.3.1.1.5.4' .1.3.6.1.6.3.1.1.5.4 s "eth0"
Syntax
snmptrap -v2c -c <community> <destination_host> <uptime> <OID|MIB> [<oid> <type> <value>...]
<uptime> must be in unix timestamp format or empty string if you need to set current time on trap
<type> can be one of i, u, t, a, o, s, x, d, b
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
U: unsigned int64, I: signed int64, F: float, D: double
snmptrap v1 example
It is important to note that snmptrap v1 have different syntax, and because of that you can’t use snmptrap v2 or v3 examples.
Examples
snmptrap -v 1 -c public 10.1.1.160 .1.3.6.1.4.1.28116.20 10.0.1.250 6 "" "" 1.3.6.1.4.1.28116.20.1 s "Test Trap"
Syntax
snmptrap -v1 -c <community> <destination_host> <OID|MIB> <sender_ip_address> <trap-type> <trap-id> <uptime> [<oid> <type> <value>...]
<trap-type> can be 0=coldStart, 1=warmStart, 2=linkDown, 3=linkUp, 4=authentication Failure, 5=egpNeighborLoss, Generic=6
<trap-id> can be anything, even blank
<uptime> must be in unix timestamp format or a empty string if you need to set current time on trap
<type> can be one of i, u, t, a, o, s, x, d, b
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
U: unsigned int64, I: signed int64, F: float, D: double
Configuring and testing traps can be a slow process, as sometimes you depend on another department/customer to confirm the trap arrivals. To resolve that problem, I recommend using SnmpB (100% free MIB browser) that can be installed on your computer and configured to receive SNMP traps – check out my step-by-step guide for SnmpB MIB browser.
Thank you for reading.
