Blog |Follow Nick on Twitter| About
 

I always forget the syntax for snmpwalk/snmpget v3; so posting here to remember.

snmpwalk version 3

The command is: snmpwalk -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50

Example output:

[nick@server ~]$  snmpwalk -v3  -l authPriv -u snmp-poller -a SHA -A "PASSWORD1"  -x AES -X "PASSWORD1" 10.10.60.50
SNMPv2-MIB::sysDescr.0 = STRING: Cisco Adaptive Security Appliance Version 9.6(2)11
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1199
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (201155400) 23 days, 6:45:54.00
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: fw01.local
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 4
IF-MIB::ifNumber.0 = INTEGER: 1
IF-MIB::ifIndex.1 = INTEGER: 1
IF-MIB::ifDescr.1 = STRING: Adaptive Security Appliance 'v101' interface
IF-MIB::ifType.1 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifMtu.1 = INTEGER: 1500
IF-MIB::ifSpeed.1 = Gauge32: 1000000000
IF-MIB::ifPhysAddress.1 = STRING: aa:11:22:33:44:55
IF-MIB::ifAdminStatus.1 = INTEGER: up(1)
IF-MIB::ifOperStatus.1 = INTEGER: up(1)
IF-MIB::ifLastChange.1 = Timeticks: (6600) 0:01:06.00
IF-MIB::ifInOctets.1 = Counter32: 56388261
IF-MIB::ifInUcastPkts.1 = Counter32: 316701
...
[nick@server ~]$ 

snmpget version 3

A command for just getting the hostname: snmpget -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50 sysName.0

Example output:

[nick@server ~]$ snmpget -v3  -l authPriv -u snmp-poller -a SHA -A "PASSWORD1"  -x AES -X "PASSWORD1" 10.10.60.50 sysName.0
SNMPv2-MIB::sysName.0 = STRING: fw01.local
[nick@server ~]$

A command for getting the hostname and the uptime: snmpget -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50 sysName.0 system.sysUpTime.0

Example output:

[nick@server ~]$ snmpget -v3  -l authPriv -u snmp-poller -a SHA -A "PASSWORD1"  -x AES -X "PASSWORD1" 10.10.60.50 sysName.0 system.sysUpTime.0
SNMPv2-MIB::sysName.0 = STRING: fw01.local
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (14100) 0:02:21.00
[nick@server ~]$

These tests are on a Cisco ASA.

This is the ASA snmp v3 config used:

snmp-server group the-noc v3 priv
snmp-server user snmp-poller the-noc v3 auth sha PASSWORD1 priv aes 128 PASSWORD1
snmp-server host v101 10.10.62.100 version 3 snmp-poller

I've used the same password for authentication & encryption to make it easy. The username is "snmp-poller", the source of my polling is "10.10.61.100", the group "the-noc" is for if you have more than one user account.

 

 
Nick Bettison ©