LoginSignup
6
6

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@sasakinzm

PySNMPで拡張MIBを利用する

Last updated at Posted at 2018-08-02

Python の SNMPライブラリ PySNMP でベンダの拡張MIBを取得できるようにするのに、やり方が分からず結構ハマったのでそのメモです。
結果的に、超簡単に利用できるということが分かりました。。。
利用したのはJuniper vSRXと、その拡張MIBです。他の拡張MIBでも同じだと思います。
OSはCentOS7を利用してます。

PySNMPインストール

pip で pysnmp, pysnmp-mibs をインストール。

[centos@ip-172-31-2-50 ~]$ sudo pip install pysnmp pysnmp-mibs

Juniper公式サイトからのMIBをダウンロード

(今回はvSRXの JUNOS15.1X49 のMIBをダウンロードして解凍する。)

[centos@ip-172-31-2-50 ~]$ wget http://www.juniper.net/documentation/software/junos/junos151X49/juniper-mibs-15.1X49-D140.2.zip
[centos@ip-172-31-2-50 ~]$ unzip juniper-mibs-15.1X49-D140.2.zip
[centos@ip-172-31-2-50 ~]$ ls juniper-mibs-15.1X49-D140.2/
JuniperMibs  StandardMibs

MIBテキストファイルからコンバート

mibdump.py を利用して、PySNMPから利用できるようにする。
JuniperMibs 配下のtxtファイルを全てコンバートする。
(コマンド一発でできる!!)

[centos@ip-172-31-2-50 ~]$ cd juniper-mibs-15.1X49-D140.2/
[centos@ip-172-31-2-50 juniper-mibs-15.1X49-D140.2]$ mibdump.py JuniperMibs/*
Source MIB repositories: /home/centos/juniper-mibs-15.1X49-D140.2/JuniperMibs, file:///usr/share/snmp/mibs, http://mibs.snmplabs.com/asn1/@mib@
Borrow missing/failed MIBs from: http://mibs.snmplabs.com/pysnmp/notexts/@mib@
Existing/compiled MIB locations: pysnmp.smi.mibs, pysnmp_mibs
Compiled MIBs destination directory: /home/centos/.pysnmp/mibs
MIBs excluded from code generation: INET-ADDRESS-MIB, PYSNMP-USM-MIB, RFC-1212, RFC-1215, RFC1065-SMI, RFC1155-SMI, RFC1158-MIB, RFC1213-MIB, SNMP-FRAMEWORK-MIB, SNMP-TARGET-MIB, SNMPv2-CONF, SNMPv2-SMI, SNMPv2-TC, SNMPv2-TM, TRANSPORT-ADDRESS-MIB
MIBs to compile: mib-jnx-alarm, mib-jnx-analyzer, mib-jnx-atm-cos, mib-jnx-atm, mib-jnx-bfd-exp, mib-jnx-bfd, mib-jnx-bgpmib2, mib-jnx-bl, mib-jnx-cfgmgmt, mib-jnx-chas-defines, mib-jnx-chassis-alarm, mib-jnx-chassis-fwdd, mib-jnx-chassis, mib-jnx-coll, mib-jnx-cos, mib-jnx-dcu, mib-jnx-dfc, mib-jnx-dom, mib-jnx-event, mib-jnx-ex-mac-notification, mib-jnx-exp, mib-jnx-ex-smi, mib-jnx-fabric-chassis, mib-jnx-firewall, mib-jnx-fru, mib-jnx-gen-set, mib-jnx-hostresources, mib-jnx-if-accounting, mib-jnx-if-extensions, mib-jnx-ifotn, mib-jnx-ipforward, mib-jnx-ipsec-flow-mon, mib-jnx-ipsec-monitor-asp, mib-jnx-ipv4, mib-jnx-ipv6, mib-jnx-jdhcp, mib-jnx-jdhcpv6, mib-jnx-js-auth, mib-jnx-js-cert, mib-jnx-js-dns, mib-jnx-js-flow, mib-jnx-js-idp, mib-jnx-js-if-ext, mib-jnx-js-ipsec-vpn, mib-jnx-js-nat, mib-jnx-js-packet-mirror, mib-jnx-js-policy, mib-jnx-jsrpd, mib-jnx-js-screening, mib-jnx-js-smi, mib-jnx-js-spu-monitoring, mib-jnx-js-utm-av, mib-jnx-jvae-infra, mib-jnx-jvae-node, mib-jnx-l2ald, mib-jnx-l2cp-features, mib-jnx-l2l3vpn-mcast, mib-jnx-l2tp, mib-jnx-ldp, mib-jnx-license, mib-jnx-lsys-securityprofile, mib-jnx-lsys-sp-authentry, mib-jnx-lsys-sp-cpu, mib-jnx-lsys-sp-flowgate, mib-jnx-lsys-sp-flowsess, mib-jnx-lsys-sp-natconebind, mib-jnx-lsys-sp-natdstpool, mib-jnx-lsys-sp-natdstrule, mib-jnx-lsys-sp-natpoipnum, mib-jnx-lsys-sp-natsrcnopatad, mib-jnx-lsys-sp-natsrcpatad, mib-jnx-lsys-sp-natsrcpool, mib-jnx-lsys-sp-natsrcrule, mib-jnx-lsys-sp-natstaticrule, mib-jnx-lsys-sp-policy, mib-jnx-lsys-sp-policywcnt, mib-jnx-lsys-sp-scheduler, mib-jnx-lsys-sp-zone, mib-jnx-mac, mib-jnx-mag, mib-jnx-mbg-smi, mib-jnx-mimstp, mib-jnx-mobile-gateway-aaa, mib-jnx-mobile-gateway-appfw, mib-jnx-mobile-gateway-charging, mib-jnx-mobile-gateway-dhcp, mib-jnx-mobile-gateway-example, mib-jnx-mobile-gateway-gtp, mib-jnx-mobile-gateway-rmps, mib-jnx-mobile-gateway-sgw-charging, mib-jnx-mobile-gateway-sgw-gtp, mib-jnx-mobile-gateway-sgw-mfwd, mib-jnx-mobile-gateway-sgw-sm, mib-jnx-mobile-gateway-sm-ip-pool, mib-jnx-mobile-gateways, mib-jnx-mpls-ldp, mib-jnx-mpls, mib-jnx-mvpn, mib-jnx-oam, mib-jnx-optics, mib-jnx-optif, mib-jnx-ospfv3mib, mib-jnx-otn, mib-jnx-p2mp, mib-jnx-pae-extension, mib-jnx-pfe, mib-jnx-ping, mib-jnx-pmon, mib-jnx-power-supply-unit, mib-jnx-pppoe, mib-jnx-ppp, mib-jnx-pwatm, mib-jnx-pwtdm, mib-jnx-rmon, mib-jnx-rpf, mib-jnx-rpm-twamp, mib-jnx-rpm, mib-jnx-rps, mib-jnx-rsvp, mib-jnx-rtm, mib-jnx-scu, mib-jnx-secure-access-port, mib-jnx-services, mib-jnx-sipcommon, mib-jnx-smi, mib-jnx-soam-pm, mib-jnx-sonetaps, mib-jnx-sonet, mib-jnx-sp-nat, mib-jnx-sp, mib-jnx-subscriber, mib-jnx-syslog, mib-jnx-timing-notifications, mib-jnx-traceroute, mib-jnx-user-aaa, mib-jnx-util, mib-jnx-virtualchassis, mib-jnx-vlan, mib-jnx-vmon, mib-jnx-vpls-bgp, mib-jnx-vpls-generic, mib-jnx-vpls-ldp, mib-jnx-vpn
Destination format: pysnmp
Parser grammar cache directory: not used
Also compile all relevant MIBs: yes
Rebuild MIBs regardless of age: no
Dry run mode: no
Create/update MIBs: yes
Byte-compile Python modules: yes (optimization level no)
Ignore compilation errors: no
Generate OID->MIB index: no
Generate texts in MIBs: no
Keep original texts layout: no
Try various file names while searching for MIB module: yes
Created/updated MIBs: BFD-STD-MIB (mib-jnx-bfd-exp), BGP4-V2-MIB-JUNIPER (mib-jnx-bgpmib2), IEEE8021-CFM-MIB, IEEE8021-PAE-MIB, IEEE8021-TC-MIB, JNX-IPSEC-MONITOR-MIB (mib-jnx-ipsec-monitor-asp), JNX-L2TP-MIB (mib-jnx-l2tp), JNX-MPLS-TE-P2MP-STD-MIB (mib-jnx-p2mp), JNX-OPT-IF-EXT-MIB (mib-jnx-bl), JNX-OPT-IF-MIB (mib-jnx-optif), JNX-PPP-MIB (mib-jnx-ppp), JNX-PPPOE-MIB (mib-jnx-pppoe), JUNIPER-ALARM-EXT-MIB (mib-jnx-alarm), JUNIPER-ALARM-MIB (mib-jnx-chassis-alarm), JUNIPER-ANALYZER-MIB (mib-jnx-analyzer), JUNIPER-ATM-COS-MIB (mib-jnx-atm-cos), JUNIPER-ATM-MIB (mib-jnx-atm), JUNIPER-BFD-MIB (mib-jnx-bfd), JUNIPER-CFGMGMT-MIB (mib-jnx-cfgmgmt), JUNIPER-CHASSIS-CLUSTER-MIB (mib-jnx-jsrpd), JUNIPER-CHASSIS-DEFINES-MIB (mib-jnx-chas-defines), JUNIPER-CHASSIS-FWDD-MIB (mib-jnx-chassis-fwdd), JUNIPER-COLLECTOR-MIB (mib-jnx-coll), JUNIPER-DCU-MIB (mib-jnx-dcu), JUNIPER-DFC-MIB (mib-jnx-dfc), JUNIPER-DOM-MIB (mib-jnx-dom), JUNIPER-EVENT-MIB (mib-jnx-event), JUNIPER-EX-MAC-NOTIFICATION-MIB (mib-jnx-ex-mac-notification), JUNIPER-EX-SMI (mib-jnx-ex-smi), JUNIPER-EXPERIMENT-MIB (mib-jnx-exp), JUNIPER-FABRIC-CHASSIS (mib-jnx-fabric-chassis), JUNIPER-FIREWALL-MIB (mib-jnx-firewall), JUNIPER-FRU-MIB (mib-jnx-fru), JUNIPER-HOSTRESOURCES-MIB (mib-jnx-hostresources), JUNIPER-IFOPTICS-MIB (mib-jnx-optics), JUNIPER-IFOTN-MIB (mib-jnx-ifotn), JUNIPER-IPFORWARD-MIB (mib-jnx-ipforward), JUNIPER-IPSEC-FLOW-MON-MIB (mib-jnx-ipsec-flow-mon), JUNIPER-IPv4-MIB (mib-jnx-ipv4), JUNIPER-IPv6-MIB (mib-jnx-ipv6), JUNIPER-JDHCP-MIB (mib-jnx-jdhcp), JUNIPER-JDHCPV6-MIB (mib-jnx-jdhcpv6), JUNIPER-JS-AUTH-MIB (mib-jnx-js-auth), JUNIPER-JS-CERT-MIB (mib-jnx-js-cert), JUNIPER-JS-DNS-MIB (mib-jnx-js-dns), JUNIPER-JS-FLOW-MIB (mib-jnx-js-flow), JUNIPER-JS-IDP-MIB (mib-jnx-js-idp), JUNIPER-JS-IF-EXT-MIB (mib-jnx-js-if-ext), JUNIPER-JS-IPSEC-VPN-MIB (mib-jnx-js-ipsec-vpn), JUNIPER-JS-NAT-MIB (mib-jnx-js-nat), JUNIPER-JS-PACKET-MIRROR-MIB (mib-jnx-js-packet-mirror), JUNIPER-JS-POLICY-MIB (mib-jnx-js-policy), JUNIPER-JS-SCREENING-MIB (mib-jnx-js-screening), JUNIPER-JS-SMI (mib-jnx-js-smi), JUNIPER-JS-UTM-AV-MIB (mib-jnx-js-utm-av), JUNIPER-JVAE-INFRA-MIB (mib-jnx-jvae-infra), JUNIPER-JVAE-NODE-MIB (mib-jnx-jvae-node), JUNIPER-L2ALD-MIB (mib-jnx-l2ald), JUNIPER-L2CP-FEATURES-MIB (mib-jnx-l2cp-features), JUNIPER-LDP-MIB (mib-jnx-ldp), JUNIPER-LICENSE-MIB (mib-jnx-license), JUNIPER-LSYS-SECURITYPROFILE-MIB (mib-jnx-lsys-securityprofile), JUNIPER-LSYSSP-CPU-MIB (mib-jnx-lsys-sp-cpu), JUNIPER-LSYSSP-FLOWGATE-MIB (mib-jnx-lsys-sp-flowgate), JUNIPER-LSYSSP-FLOWSESS-MIB (mib-jnx-lsys-sp-flowsess), JUNIPER-LSYSSP-NATCONEBIND-MIB (mib-jnx-lsys-sp-natconebind), JUNIPER-LSYSSP-NATDSTPOOL-MIB (mib-jnx-lsys-sp-natdstpool), JUNIPER-LSYSSP-NATDSTRULE-MIB (mib-jnx-lsys-sp-natdstrule), JUNIPER-LSYSSP-NATPOIPNUM-MIB (mib-jnx-lsys-sp-natpoipnum), JUNIPER-LSYSSP-NATSRCNOPATAD-MIB (mib-jnx-lsys-sp-natsrcnopatad), JUNIPER-LSYSSP-NATSRCPATAD-MIB (mib-jnx-lsys-sp-natsrcpatad), JUNIPER-LSYSSP-NATSRCPOOL-MIB (mib-jnx-lsys-sp-natsrcpool), JUNIPER-LSYSSP-NATSRCRULE-MIB (mib-jnx-lsys-sp-natsrcrule), JUNIPER-LSYSSP-NATSTATICRULE-MIB (mib-jnx-lsys-sp-natstaticrule), JUNIPER-LSYSSP-POLICY-MIB (mib-jnx-lsys-sp-policy), JUNIPER-LSYSSP-POLICYWCNT-MIB (mib-jnx-lsys-sp-policywcnt), JUNIPER-LSYSSP-SCHEDULER-MIB (mib-jnx-lsys-sp-scheduler), JUNIPER-LSYSSP-ZONE-MIB (mib-jnx-lsys-sp-zone), JUNIPER-LSYSSPAUTHENTRY-MIB (mib-jnx-lsys-sp-authentry), JUNIPER-MAC-MIB (mib-jnx-mac), JUNIPER-MAG-MIB (mib-jnx-mag), JUNIPER-MBG-SMI (mib-jnx-mbg-smi), JUNIPER-MIMSTP-MIB (mib-jnx-mimstp), JUNIPER-MOBILE-GATEWAY-AAA-MIB (mib-jnx-mobile-gateway-aaa), JUNIPER-MOBILE-GATEWAY-DHCP-MIB (mib-jnx-mobile-gateway-dhcp), JUNIPER-MOBILE-GATEWAY-EXAMPLE-MIB (mib-jnx-mobile-gateway-example), JUNIPER-MOBILE-GATEWAY-GTP-MIB (mib-jnx-mobile-gateway-gtp), JUNIPER-MOBILE-GATEWAY-RMPS-MIB (mib-jnx-mobile-gateway-rmps), JUNIPER-MOBILE-GATEWAY-SGW-GTP-MIB (mib-jnx-mobile-gateway-sgw-gtp), JUNIPER-MOBILE-GATEWAY-SGW-SM-MIB (mib-jnx-mobile-gateway-sgw-sm), JUNIPER-MOBILE-GATEWAY-SM-IP-POOL-MIB (mib-jnx-mobile-gateway-sm-ip-pool), JUNIPER-MOBILE-GATEWAY-SM-MIB (mib-jnx-mobile-gateway-appfw), JUNIPER-MOBILE-GATEWAYS (mib-jnx-mobile-gateways), JUNIPER-MOBILE-GW-SGW-MFWD-MIB (mib-jnx-mobile-gateway-sgw-mfwd), JUNIPER-MOBILITY-CHARGING-MIB (mib-jnx-mobile-gateway-charging), JUNIPER-MOBILITY-SGW-CHARGING-MIB (mib-jnx-mobile-gateway-sgw-charging), JUNIPER-MPLS-LDP-MIB (mib-jnx-mpls-ldp), JUNIPER-NAT-MIB (mib-jnx-sp-nat), JUNIPER-OAM-MIB (mib-jnx-oam), JUNIPER-OTN-MIB (mib-jnx-otn), JUNIPER-PAE-EXTENSION-MIB (mib-jnx-pae-extension), JUNIPER-PFE-MIB (mib-jnx-pfe), JUNIPER-PING-MIB (mib-jnx-ping), JUNIPER-PMon-MIB (mib-jnx-pmon), JUNIPER-POWER-SUPPLY-UNIT-MIB (mib-jnx-power-supply-unit), JUNIPER-PW-ATM-MIB (mib-jnx-pwatm), JUNIPER-PW-TDM-MIB (mib-jnx-pwtdm), JUNIPER-RMON-MIB (mib-jnx-rmon), JUNIPER-RPF-MIB (mib-jnx-rpf), JUNIPER-RPM-MIB (mib-jnx-rpm), JUNIPER-RPS-MIB (mib-jnx-rps), JUNIPER-RSVP-MIB (mib-jnx-rsvp), JUNIPER-RTM-MIB (mib-jnx-rtm), JUNIPER-SCU-MIB (mib-jnx-scu), JUNIPER-SECURE-ACCESS-PORT-MIB (mib-jnx-secure-access-port), JUNIPER-SIP-COMMON-MIB (mib-jnx-sipcommon), JUNIPER-SNMP-SET-MIB (mib-jnx-gen-set), JUNIPER-SOAM-PM-MIB (mib-jnx-soam-pm), JUNIPER-SONET-MIB (mib-jnx-sonet), JUNIPER-SP-MIB (mib-jnx-sp), JUNIPER-SRX5000-SPU-MONITORING-MIB (mib-jnx-js-spu-monitoring), JUNIPER-SUBSCRIBER-MIB (mib-jnx-subscriber), JUNIPER-SYSLOG-MIB (mib-jnx-syslog), JUNIPER-Services-MIB (mib-jnx-services), JUNIPER-TIMING-NOTFNS-MIB (mib-jnx-timing-notifications), JUNIPER-TRACEROUTE-MIB (mib-jnx-traceroute), JUNIPER-TWAMP-MIB (mib-jnx-rpm-twamp), JUNIPER-USER-AAA-MIB (mib-jnx-user-aaa), JUNIPER-UTIL-MIB (mib-jnx-util), JUNIPER-VIRTUALCHASSIS-MIB (mib-jnx-virtualchassis), JUNIPER-VLAN-MIB (mib-jnx-vlan), JUNIPER-VMON-MIB (mib-jnx-vmon), JUNIPER-VPN-MIB (mib-jnx-vpn), L2L3-VPN-MCAST-MIB (mib-jnx-l2l3vpn-mcast), LLDP-MIB, MCAST-VPN-MIB (mib-jnx-mvpn), MPLS-MIB (mib-jnx-mpls), MPLS-VPN-MIB, OSPFV3-MIB-JUNIPER (mib-jnx-ospfv3mib), VPLS-BGP-DRAFT-01-MIB (mib-jnx-vpls-bgp), VPLS-GENERIC-DRAFT-01-MIB (mib-jnx-vpls-generic), VPLS-LDP-DRAFT-01-MIB (mib-jnx-vpls-ldp)
Pre-compiled MIBs borrowed:
Up to date MIBs: ALARM-MIB, APS-MIB, ATM-MIB, ATM-TC-MIB, BGP4-MIB, BRIDGE-MIB, DIFFSERV-DSCP-TC, DIFFSERV-MIB, DISMAN-PING-MIB, HCNUM-TC, HOST-RESOURCES-MIB, IANA-ADDRESS-FAMILY-NUMBERS-MIB, IANA-RTPROTO-MIB, IANAifType-MIB, IF-MIB, INET-ADDRESS-MIB, INTEGRATED-SERVICES-MIB, IP-FORWARD-MIB, IP-MIB, IPMROUTE-STD-MIB, IPV6-MIB, IPV6-TC, JUNIPER-COS-MIB, JUNIPER-IF-ACCOUNTING-MIB, JUNIPER-IF-MIB, JUNIPER-MIB, JUNIPER-SMI, MPLS-LSR-STD-MIB, MPLS-TC-STD-MIB, MPLS-TE-STD-MIB, OSPF-MIB, P-BRIDGE-MIB, PerfHist-TC-MIB, Q-BRIDGE-MIB, RFC-1212, RFC-1215, RFC1155-SMI, RFC1213-MIB, RMON-MIB, RMON2-MIB, SNMP-FRAMEWORK-MIB, SNMPv2-CONF, SNMPv2-MIB, SNMPv2-SMI, SNMPv2-TC, VPN-TC-STD-MIB
Missing source MIBs:
Ignored MIBs:
Failed MIBs:

動作確認

Juniperの拡張MIBを取得できるようになったことを確認する。
vSRXのシリアルナンバー(OID:jnxBoxSerialNo)を取得してみる

In [1]: from  pysnmp.hlapi import *
In [22]: get =  getCmd(SnmpEngine(),
    ...: CommunityData("community"), 
    ...: UdpTransportTarget((ipaddress, 161)),
    ...: ContextData(),
    ...: ObjectType(ObjectIdentity("JUNIPER-MIB", "jnxBoxSerialNo", 0)))
    
In [23]: serial = next(get)
In [24]: serial
Out[24]:
(None,
 0,
 0,
 [ObjectType(ObjectIdentity(<ObjectName value object at 0x7fb32b2d1b38 tagSet <TagSet object at 0x7fb33341b0f0 tags 0:0:6> payload [1.3.6.1.4.1.2636.3.1.3.0]>), <DisplayString value object at 0x7fb32b2dc780 tagSet <TagSet object at 0x7fb333412c50 tags 0:0:4> subtypeSpec <ConstraintsIntersection object at 0x7fb330075a58 consts <ValueSizeConstraint object at 0x7fb3333c5630 consts 0, 65535>, <ValueSizeConstraint object at 0x7fb32b75e0b8 consts 0, 255>, <ValueSizeConstraint object at 0x7fb330075a20 consts 0, 255>> encoding iso-8859-1 payload [9614550D7979]>)])

In [31]: print(serial[3][0][1])
9614550D7979

※念のためvSRX側でCLIで確認

root> show chassis hardware
Hardware inventory:
Item             Version  Part number  Serial number     Description
Chassis                                9614550D7979      VSRX
CB 0
Routing Engine 0          BUILTIN      BUILTIN           VSRX-S
FPC 0            REV 07   611-049549   RL3714040884      FPC
  PIC 0                   BUILTIN      BUILTIN           VSRX DPDK GE
6
6
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
6
6

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?