なにこれ
SNMPのよくつかうコマンドやOIDが覚えられないアンチキショウなので覚書ですしおすし
前提
- 本記事のSNMPマネージャはCiscoのSWです
内容
- インストール
- MIBについて
- OIDについて
-
snmpwalkコマンド -
snmptranslateコマンド
詳細
インストール
-
snmpwalk、snmptranslateを使いたいので以下をインストールする
[root@centos7 ~]# yum -y install net-snmp net-snmp-utils
MIBについて
- Management Information Baseの略
- 管理情報ベースのこと
- MIBの構造はツリー構造でrootから各ノードの数字を順番にたどって番号を付けることで個々のMIB情報を一意に識別可能
OIDについて
- MIBに格納されている情報の1つ1つの「1.3.6.1.2.1.1.6」 のような数字のこと
| OID | OID(文字) | 説明 |
|---|---|---|
| .1.3.6.1.2.1.1 | system | システムに関する情報 |
| .1.3.6.1.2.1.2 | interfaces | インタフェース情報に関する情報 |
| .1.3.6.1.2.1.3 | at | IPアドレスと物理的なアドレスとの変換テーブルが格納 |
| .1.3.6.1.2.1.4 | ip | IPに関する情報 |
| .1.3.6.1.2.1.5 | icmp | ICMPに関する情報 |
| .1.3.6.1.2.1.6 | tcp | TCPに関する情報 |
| .1.3.6.1.2.1.7 | udp | UDPに関する情報 |
| .1.3.6.1.2.1.8 | egp | EGP(Exteior Gateway Protocol)に関する情報 |
| .1.3.6.1.2.1.9 | transmission | ネットワーク送受信モジュール(トランスミッタ)に関する情報 |
| .1.3.6.1.2.1.11 | snmp | SNMPに関する情報 |
snmpwalkコマンド
Usage
[root@centos7 ~]# snmpwalk -h
USAGE: snmpwalk [OPTIONS] AGENT [OID]
Version: 5.7.2
Web: http://www.net-snmp.org/
Email: net-snmp-coders@lists.sourceforge.net
OPTIONS:
-h, --help display this help message
-H display configuration file directives understood
-v 1|2c|3 specifies SNMP version to use
-V, --version display package version number
SNMP Version 1 or 2c specific
-c COMMUNITY set the community string
SNMP Version 3 specific
-a PROTOCOL set authentication protocol (MD5|SHA)
-A PASSPHRASE set authentication protocol pass phrase
-e ENGINE-ID set security engine ID (e.g. 800000020109840301)
-E ENGINE-ID set context engine ID (e.g. 800000020109840301)
-l LEVEL set security level (noAuthNoPriv|authNoPriv|authPriv)
-n CONTEXT set context name (e.g. bridge1)
-u USER-NAME set security name (e.g. bert)
-x PROTOCOL set privacy protocol (DES|AES)
-X PASSPHRASE set privacy protocol pass phrase
-Z BOOTS,TIME set destination engine boots/time
General communication options
-r RETRIES set the number of retries
-t TIMEOUT set the request timeout (in seconds)
Debugging
-d dump input/output packets in hexadecimal
-D[TOKEN[,...]] turn on debugging output for the specified TOKENs
(ALL gives extremely verbose debugging output)
General options
-m MIB[:...] load given list of MIBs (ALL loads everything)
-M DIR[:...] look in given list of directories for MIBs
(default: $HOME/.snmp/mibs:/usr/share/snmp/mibs)
-P MIBOPTS Toggle various defaults controlling MIB parsing:
u: allow the use of underlines in MIB symbols
c: disallow the use of "--" to terminate comments
d: save the DESCRIPTIONs of the MIB objects
e: disable errors when MIB symbols conflict
w: enable warnings when MIB symbols conflict
W: enable detailed warnings when MIB symbols conflict
R: replace MIB symbols from latest module
-O OUTOPTS Toggle various defaults controlling output display:
0: print leading 0 for single-digit hex characters
a: print all strings in ascii format
b: do not break OID indexes down
e: print enums numerically
E: escape quotes in string indices
f: print full OIDs on output
n: print OIDs numerically
q: quick print for easier parsing
Q: quick print with equal-signs
s: print only last symbolic element of OID
S: print MIB module-id plus last element
t: print timeticks unparsed as numeric integers
T: print human-readable text along with hex strings
u: print OIDs using UCD-style prefix suppression
U: don't print units
v: print values only (not OID = value)
x: print all strings in hex format
X: extended index format
-I INOPTS Toggle various defaults controlling input parsing:
b: do best/regex matching to find a MIB node
h: don't apply DISPLAY-HINTs
r: do not check values for range/type legality
R: do random access to OID labels
u: top-level OIDs must have '.' prefix (UCD-style)
s SUFFIX: Append all textual OIDs with SUFFIX before parsing
S PREFIX: Prepend all textual OIDs with PREFIX before parsing
-L LOGOPTS Toggle various defaults controlling logging:
e: log to standard error
o: log to standard output
n: don't log at all
f file: log to the specified file
s facility: log to syslog (via the specified facility)
(variants)
[EON] pri: log to standard error, output or /dev/null for level 'pri' and above
[EON] p1-p2: log to standard error, output or /dev/null for levels 'p1' to 'p2'
[FS] pri token: log to file/syslog for level 'pri' and above
[FS] p1-p2 token: log to file/syslog for levels 'p1' to 'p2'
-C APPOPTS Set various application specific behaviours:
p: print the number of variables found
i: include given OID in the search range
I: don't include the given OID, even if no results are returned
c: do not check returned OIDs are increasing
t: Display wall-clock time to complete the walk
T: Display wall-clock time to complete each request
E {OID}: End the walk at the specified OID
systemの情報を取得
[root@centos7 ~]# snmpwalk -v 2c -c public 172.20.7.1 .1.3.6.1.2.1.1
または
[root@centos7 ~]# snmpwalk -v 2c -c public 172.20.7.1 system
SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, C3560 Software (C3560-IPBASE-M), Version 12.2(25)SEB4, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Tue 30-Aug-05 14:19 by yenanh
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.615
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3103805174) 359 days, 5:40:51.74
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: cs-bit-l3sw01.cisco.com
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 6
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
特定のOIDから情報を取得
[root@centos7 ~]# snmpwalk -v 2c -c public 172.20.7.1 .1.3.6.1.2.1.1.1
または
[root@centos7 ~]# snmpwalk -v 2c -c public 172.20.7.1 system.1
SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, C3560 Software (C3560-IPBASE-M), Version 12.2(25)SEB4, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Tue 30-Aug-05 14:19 by yenanh
snmptranslateコマンド
Usage
[root@centos7 ~]# snmptranslate -h
USAGE: snmptranslate [OPTIONS] OID [OID]...
Version: 5.7.2
Web: http://www.net-snmp.org/
Email: net-snmp-coders@lists.sourceforge.net
OPTIONS:
-h display this help message
-V display package version number
-m MIB[:...] load given list of MIBs (ALL loads everything)
-M DIR[:...] look in given list of directories for MIBs
-D[TOKEN[,...]] turn on debugging output for the specified TOKENs
(ALL gives extremely verbose debugging output)
-w WIDTH set width of tree and detail output
-T TRANSOPTS Set various options controlling report produced:
B: print all matching objects for a regex search
d: print full details of the given OID
p: print tree format symbol table
a: print ASCII format symbol table
l: enable labeled OID report
o: enable OID report
s: enable dotted symbolic report
z: enable MIB child OID report
t: enable alternate format symbolic suffix report
-P MIBOPTS Toggle various defaults controlling mib parsing:
u: allow the use of underlines in MIB symbols
c: disallow the use of "--" to terminate comments
d: save the DESCRIPTIONs of the MIB objects
e: disable errors when MIB symbols conflict
w: enable warnings when MIB symbols conflict
W: enable detailed warnings when MIB symbols conflict
R: replace MIB symbols from latest module
-O OUTOPTS Toggle various defaults controlling output display:
0: print leading 0 for single-digit hex characters
a: print all strings in ascii format
b: do not break OID indexes down
e: print enums numerically
E: escape quotes in string indices
f: print full OIDs on output
n: print OIDs numerically
q: quick print for easier parsing
Q: quick print with equal-signs
s: print only last symbolic element of OID
S: print MIB module-id plus last element
t: print timeticks unparsed as numeric integers
T: print human-readable text along with hex strings
u: print OIDs using UCD-style prefix suppression
U: don't print units
v: print values only (not OID = value)
x: print all strings in hex format
X: extended index format
-I INOPTS Toggle various defaults controlling input parsing:
b: do best/regex matching to find a MIB node
h: don't apply DISPLAY-HINTs
r: do not check values for range/type legality
R: do random access to OID labels
u: top-level OIDs must have '.' prefix (UCD-style)
s SUFFIX: Append all textual OIDs with SUFFIX before parsing
S PREFIX: Prepend all textual OIDs with PREFIX before parsing
-L LOGOPTS Toggle various defaults controlling logging:
e: log to standard error
o: log to standard output
n: don't log at all
f file: log to the specified file
s facility: log to syslog (via the specified facility)
(variants)
[EON] pri: log to standard error, output or /dev/null for level 'pri' and above
[EON] p1-p2: log to standard error, output or /dev/null for levels 'p1' to 'p2'
[FS] pri token: log to file/syslog for level 'pri' and above
[FS] p1-p2 token: log to file/syslog for levels 'p1' to 'p2'
OID(数字)からOID(名前)への変換
[root@centos7 ~]# snmptranslate .1.3.6.1.2.1.2.2.1.10
IF-MIB::ifInOctets
OID(名前)からOID(数字)への変換
[root@centos7 ~]# snmptranslate -On IF-MIB::ifInOctets
.1.3.6.1.2.1.2.2.1.10
オブジェクトをツリー表示
[root@centos7 ~]# snmptranslate -Tp
たくさんでるよ