Snmpwalk Examples (v3, v2) & Commands for Linux / Windows

The snmpwalk command is one of the most used tools on Linux and Windows for testing SNMP on the network devices. In this tutorial, I will show you how to use that command using various snmpwalk examples (v3 and v2c), and also examples of other commands from the Net-SNMP toolkit: SnmpGet, SnmpSet, and SnmpTrap.

Are you familiar with the SNMP protocol? No? Don’t worry, I got you covered with my post – What is SNMP protocol? How does it work? Learn with examples. However, if you have a basic understanding of SNMP then continue with reading.

On Ubuntu/Debian/Rasbian you can install Net-SNMP tools with one simple command: “apt-get install snmp“, or if you have CentOS/RHEL/Oracle Linux/Fedora you can use “yum install net-snmp net-snmp-utils“.

On Windows, download and install net-snmp-5.5.0-2.x64.exe, leave default directory “C:\usr“, then run the CMD tool and when calling snmpwalk tool use a full path like this “C:\usr\bin\snmpwalk.exe -v2c -c public localhost 1.3.6.1.2.1.1

If you prefer the GUI version of SNMPwalk on Windows please check out SnmpB MIB browser instead to test SNMP and manage MIB files on Windows.

Before you continue, make sure that the host or network firewall is not blocking UDP port 161.

SNMPWALK command

Snmpwalk uses the “SNMP GETNEXT” message type to collect multiple information from a network device in a single SNMP query.

analogy for snmpwalk

snmpwalk v3 example

Examples

# snmpwalk v3 example with authentication and encryption
snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1 1.3.6.1.2.1.1

# snmpwalk v3 example with authentication, but no encryption
snmpwalk -v3 -l authnoPriv -u UserMe -a SHA -A AuthPass1 192.168.1.1:161 1.3.6.1.2.1.1

# snmpwalk v3 example with no authentication and no encryption but you still needs a username
snmpwalk -v3 -l noAuthNoPriv -u UserMe 192.168.1.1:161 1.3.6.1.2.1.1

# Using OID dot1dTpFdbAddress and SNMPv3 context name to get mac addresses in VLAN 32
snmpwalk -v3 -l authNoPriv -u UserMe -a MD5 -A AuthPass1 -n vlan-32 192.168.1.1 dot1dTpFdbAddress

Syntax

snmpwalk -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid]

snmpwalk v2c example

Examples

#  snmpwalk v2 example with OID System to get basic system information about the host
snmpwalk -v2c -c public 192.168.1.1 1.3.6.1.2.1.1

# snmpwalk v2 example with OID ifDescr to get the description of all interfaces on the host
snmpwalk -v2c -c public 192.168.1.1:161 1.3.6.1.2.1.2.2.1.2

Syntax

snmpwalk -v2c -c <community> <ipaddress>[:<dest_port>] [oid]

SNMPGET command

A snmpget command for v3 and v2 is similar to the snmpwalk, just replace “snmpwalk” with “snmpget” when you run the command like this:

# Using OID sysDescr (1.3.6.1.2.1.1.1) to get system description
snmpget -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 10.1.1.1 1.3.6.1.2.1.1.0
analogy for snmpget

Just remember that “snmpget” is for getting only one value, while snmpwalk can “walk” down the MIB hierarchy and get all the values at once. Also, snmpget needs full OID to get data from the device.

SNMPSET command

Snmpset uses the “SNMP SET” message type to remotely configure a network device over SNMP protocol.

analogy for snmpset

snmpset v3 example

Examples

# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2

Syntax

snmpset -v3 -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] [oid] [type] [value]

[type] can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

Need more examples? You can find more detailed examples in my step by step tutorial about SNMP under section SNMP testing tools.

snmpset v2c example

Examples

# Using OID ifAdminStatus (1.3.6.1.2.1.2.2.1.7) to administratively shutdown interface with index 10105
snmpset -v2c -c private 192.168.1.1 1.3.6.1.2.1.2.2.1.7.10105 i 2

Syntax

snmpset -v2c -c <community> <ipaddress>[:<dest_port>] [oid] [type] [value]

[type] can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

SNMPTRAP command

Snmptrap uses SNMP TRAP operation to send information to a network manager (NMS) via UDP port 162, so make sure that the host or the network firewall is not blocking that port.

analogy for snmptrap

snmptrap v3 example

Examples

# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using numeric OID
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 ''  1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 60

# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v3 -e 0x090807060504030201 -l authPriv -u UserMe -a SHA -A AuthPass1 -x AES -X PrivPass2 127.0.0.1:161 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 60

Syntax

snmptrap -v3 -e <engine_id> -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a <MD5|SHA>] [-A <authphrase>]
    [-x <DES|AES>] [-X <privaphrase>] <ipaddress>[:<dest_port>] <uptime> <OID|MIB> [<oid> <type> <value>...]  

<uptime> must be in unix timestamp format or empty string if you need to set current time on trap

<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double

snmptrap v2c example

Examples

# Using OID netSnmpExampleHeartbeatRate (1.3.6.1.4.1.8072.2.3.2.1) to send a trap using MIB
snmptrap -v2c -c public 127.0.0.1 '' NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 6

# Using OID linkUp (1.3.6.1.6.3.1.1.5.4) to send a trap that notifies that eth0 is in UP state
snmptrap -v2c -c public 127.0.0.1 '' '.1.3.6.1.6.3.1.1.5.4' .1.3.6.1.6.3.1.1.5.4 s "eth0"

Syntax

snmptrap -v2c -c <community> <destination_host> <uptime> <OID|MIB> [<oid> <type> <value>...]


<uptime> must be in unix timestamp format or empty string if you need to set current time on trap
 
<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double 

snmptrap v1 example

It is important to note that snmptrap v1 have different syntax, and because of that you can’t use snmptrap v2 or v3 examples.

Examples

snmptrap -v 1 -c public 10.1.1.160 .1.3.6.1.4.1.28116.20 10.0.1.250 6 "" "" 1.3.6.1.4.1.28116.20.1 s "Test Trap"

Syntax

snmptrap -v1 -c <community> <destination_host> <OID|MIB> <sender_ip_address> <trap-type> <trap-id> <uptime> [<oid> <type> <value>...]
 
<trap-type> can be 0=coldStart, 1=warmStart, 2=linkDown, 3=linkUp, 4=authentication Failure, 5=egpNeighborLoss, Generic=6

<trap-id> can be anything, even blank

<uptime> must be in unix timestamp format or a empty string if you need to set current time on trap

<type> can be one of i, u, t, a, o, s, x, d, b
     i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
     o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING, b: BITS
     U: unsigned int64, I: signed int64, F: float, D: double 

Configuring and testing traps can be a slow process, as sometimes you depend on another department/customer to confirm the trap arrivals. To resolve that problem, I recommend using SnmpB (100% free MIB browser) that can be installed on your computer and configured to receive SNMP traps – check out my step-by-step guide for SnmpB MIB browser.


Thank you for reading.

5 thoughts on “Snmpwalk Examples (v3, v2) & Commands for Linux / Windows”

  1. The tool is unable to receive trap for authPriv while authNoPriv and noAuthNoPriv works fine.

    Please find the logs with IP and EngineId as – XXXX
    20220120.01:22:45: 3272: (1)DEBUG : ++ SNMP++: data received from 10.197.XXX.XXX/123456.
    20220120.01:22:45: 3272: (3)DEBUG : mp is parsing incoming message:
    20220120.01:22:45: 3272: (3)DEBUG : Parsed length(a1), version(0x3)
    20220120.01:22:45: 3272: (3)DEBUG : Parsed HeaderData: globalDataLength(0x0), msg_id(0x71e1101a), msg_max_size(0xffe3), msg_flags(0x3), msg_security_model(0x3)
    20220120.01:22:45: 3272: (3)DEBUG : Parsed msgdata length(0x53), msgSecurityParameters length(0x39)
    20220120.01:22:45: 3272: (3)DEBUG : Parsed securityParametersLength = 0x37
    20220120.01:22:45: 3272: (3)DEBUG : Parsed securityEngineID, length = 0xd
    20220120.01:22:45: 3272: (3)DEBUG : Parsed engineBoots(0x0), engineTime(0x0)
    20220120.01:22:45: 3272: (5)DEBUG : Parsed usmUserName length(0x8) msgAuthenticationParameters length(0xc) msgPrivacyParameters length(0x8)
    20220120.01:22:45: 3272: (9)INFO : USMUserNameTable: Translated (user name) to (security name): (traptest), (traptest)
    20220120.01:22:45: 3272: (7)DEBUG : USM::get_user: user (traptest) engine_id ( xxxxxxxxx 61 …..N..#d..a
    )
    20220120.01:22:45: 3272: (4)DEBUG : SHA authentication OK.
    20220120.01:22:45: 3272: (9)DEBUG : USMTimeTable: Check time ok, not authoritative, updated (id): ( xxxxxxxxx 61 …..N..#d..a
    )
    20220120.01:22:45: 3272: (0)DEBUG : Decryption error detected
    20220120.01:22:45: 3272: (0)DEBUG : mp: error while executing USM::process_msg
    20220120.01:22:45: 3272: (1)DEBUG : ErrorCode is 1406

    Reply
  2. Thanks for your post
    Not sure if you are replying. But somehow I am not able to receive trap for authPriv. Do we need anyother setting or 3rd party files for the this?

    This is important, awaiting your reply.

    Reply
  3. Hi thanks for your post :
    I, however have a small remark for
    # snmpwalk v3 example with authentication, but no encryption
    snmpwalk -v3 -l authPriv -u UserMe -a SHA -A AuthPass1 192.168.1.1:161 1.3.6.1.2.1.1

    it should be
    snmpwalk -v3 -l authnoPriv -u UserMe -a SHA -A AuthPass1 192.168.1.1:161 1.3.6.1.2.1.1

    Reply

Leave a Comment