DocumentationSNMP
Function | Query a device (usually some type of network device) for SNMP data by requesting an OID. Allows browsing for OIDs. |
|---|---|
Alarming | Transfer time, User-defined values, diff values and string values |
The Simple Network Management Protocol (SNMP) is by far the dominant protocol in network management. A key reason for its widespread acceptance, besides being the chief Internet standard for network management, is its relative simplicity. Implementing SNMP management in a networked device is far more straightforward than most other standard or non-standard approaches to network management.
The SNMP manager or the management application uses a well-defined naming syntax to specify the variables to the SNMP agent. Object names in this syntax are called Object Identifiers (Object IDs or OIDs).
OIDs are series of numbers that uniquely identify an object to an SNMP agent. OIDs are arranged in a hierarchical, inverted tree structure. The OID tree begins with the root and expands into branches. Each point in the OID tree is called a node and each node will have one or more branches, or will terminate with a leaf node. The format of OID is a sequence of numbers with dots in between.
The following SNMP variable types are supported for values:
ASN_COUNTER | 32 bit non negative integer that can only increase |
ASN_GAUGE | 32 bit integer |
ASN_INTEGER | 32 bit integer (-232 until 232) rfc 1442 |
ASN_INTEGER64 | 64 bit integer (-264 until 264) rfc 1442 |
ASN_OPAQUE | float and double supported |
ASN_UNSIGNED64 | 64 bit unsigned |
ASN_COUNTER64 | 64 bit unsigned |
ASN_TIMETICKS | unsigned |
All those values and the difference to the last measurement are converted to float and are then transferred to the server.
Diff values of the above types are automatically divided by the time since the last measurements ((currentValue - previousValue) / (currentTimeSeconds - previousTimeSeconds)). This means we always get a rate per second for such diff values.
ASN_BIT_STR |
ASN_OCTET_STR |
These values are strings and may contain any printable characters.
SNMP features
Online MIB browser for OID selection
Infinite MIB files, location: /usr/share/snmp/mibs on each SKOOR Engine collector
Configurable measurement unit
Automatic differential values
Version 1, 2c and v3 PDU support
v3 encryption support
n layer alarming
MIB2 interface selection by name
Reference OID names to OID numbers
Adjustable retries and timeouts
Suppressible values (reduces DB-size)
Strings (reference a number to text)
Parse numbers out of text OID (first value only)
SNMP detail
SNMP parameters
The Authentication input section is only shown when SNMP version 3 is selected.
Parameter | Description |
|---|---|
UDP port | Select the UDP port (default is 161) |
Retries | Number of retries if the request fails. Default is 2 retries. |
Timeout | Select the timeout for the request. On most devices, SNMP requests are handled with low priority so use a high enough timeout. Default is 2s. |
Version | Select the SNMP version served by the remote snmp daemon. The following choices are available: Version 1 |
Security level | The security level defines how the SNMP request is sent. This choice is only available when SNMP v3 is used. The following options are available: |
Username | For authentication, only visible when SNMP v3 is used. |
Authent. passphrase | Passphrase for authentication, only visible when SNMP with authentication is used. |
Authent. protocol | Protocol for authentication, only visible when SNMP with authentication is used. Currently available options are MD5 or SHA. Default is MD5. |
Privacy passphrase | For encryption, only visible when SNMP with authentication and encryption is used. |
Privacy protocol | For encryption, only visible when SNMP with authentication and encryption is used. Currently available options are DES and AES. Default is DES. |
Community | Most network devices allow different levels of SNMP access, for example: READ ONLY or READ/WRITE. Each of these levels of access will usually have a different community string. To read data, only the READ community has to be known, which is usually: public. |
Request OID | Insert the management information base (MIB) OID for the request. If the OID is unknown, it can be browsed on the jobs device with the online browser. Additional OIDs can be requested from a single SNMP job by clicking the “+” button next to the Browse button. If more than 1 OID is entered, the output of all OIDs is appended into the same output file, one after the other. |
Overflow | Leave this setting on Auto. It will handle the Diff-value calculation, if the counter is reset to 0. This prevents negative Diff-values. |
Suppress transfer time | By default, the time it takes to transfer the SNMP data is recorded to the database. If this information is irrelevant, check this box to save database space. |
Suppress value | Check those SNMP output types that should not be considered. If the checkbox Suppress info message is enabled, SNMP string output will not be sent to the server. The return value will be set to Invalid value only if either value or diff value is desired and it is not possible to extract a value from the string. The checkboxes Suppress value, Suppress diff value and |
Map string to value | Define a mapping of SNMP string objects to numerical values. A string value may be extracted as a string value directly or by defining a string map of the format 1=foo,2=bar,0=* which means that the string foo will be converted to the numeric value 1, the string bar to the numeric value 2 and (optional) everything else to the value 0. Spaces are not allowed in this definition. If no string map is defined or the assignment fails (no default operator defined) the string is parsed for the first occurrence of numeric characters and the result is transferred to the server as requested (value and/or diff value). |
Define Unit | See section SNMP Unit/Divisor below. |
The Tags dropdown list allows entering pre-defined variables into the fields above, e.g. $NAME$ for the name of the job.
Browse online
To find a specific SNMP OID on the remote SNMP agent and use it as an SNMP request, click the Browse online button. It helps if one knows the approximate location in the tree, to limit the browse time, network traffic and output size. Enter the correct community string for the SNMP agent and select the SNMP version in the Connection section. The most frequently used MIBs can be selected from the dropdown menu, starting from Root, which should only be selected, if the location of the required object is completely unknown:
Start the process with the Start scan button:
The scan can take some time to finish, depending on the number of objects below the selected Root OID. Click Refresh until the Download state says Complete:
The Download counter shows the number of OIDs found. To display them, select Show tree or Show flat. To select an OID, just click on the OID link.
Example 1 - Tree view with type and value
Example 2 - Flat view with value
If the output of the scanned tree does not show text information but only OIDs of the form
1.3.6.1.4.1.13424.11.1.1.25
then the MIB for the scanned device is probably not installed. To search for SNMP MIBs, search the device manufacturer's website or search the MIB Depot homepage for publicly available MIBs.
SNMP generic name resolution
Some SNMP Servers do not always match the same OID to the same value. Reading the disk usage from a host MIB might work until a new disk is added to that system. It’s possible that the index (which in the example below is .2) will change.
To avoid this, SKOOR Engine can use a user defined Resolve OID for name to index mapping. To achieve this we replace the index with a string to match against the Resolve OID with the pattern between two $ characters. Before performing the query SKOOR Engine will replace the $string$ with the found corresponding index. Here is an example of an OID that one would like to read a value from:
.iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.2
Instead of entering this string as a Request OID, first look for the SNMP description string of the disk which is stored under the following OID:
.iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageDescr
Its value is: C:\ Label: Serial Number dc133042
Now replace the number 2 with the value above surrounded by two $ characters:
iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.$C:\ Label: Serial Number dc133042$
As soon as the second $ string is entered, a new line called Resolve OID appear beneath the Request OID1 line. Enter the above description OID here:
.iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageDescr
$C:\ Label: Serial Number dc133042$ will be replaced with 2.
SNMP default value
If the OID name resolution fails (see section above), it's possible to define a default index. In the example above, one would write the default index after the request OID, separated by a space character:
iso.org.dod.internet.mgmt.mib-2.host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.$C:\ Label: Serial Number dc133042$ 2
SNMP Unit/Divisor
The SNMP output in the example in the section above is:
hrStorageDescr.2 C:\ Label: Serial Number dc133042 hrStorageAllocationUnits.2 4096 Bytes hrStorageSize.2 2120572 hrStorageUsed.2 1839613
To get the result of used storage capacity in GB instead, set the correct divisor needs to be set.
Windows Explorer tells us the following about the file system on drive C:\:
Volume: 8283MB, 8.08GB Total Size, Freespace 1.07GB
Therefore one has to multiply hrStorageUsed.2 by 4096 to get the value in bytes and then divide by 1024 three times to get the value in GB.
1839613 x 4096 / 1024 / 1024 / 1024 = 7.01GB used (which is in line with Explorer’s figures)
To set the SKOOR Engine divisor, combine 1024 x 1024 x 1024 / 4096 = 262144
Press the Unit button to define the value's name, its unit and its divisor:
The result in the values section after executing the SNMP job will be 7.01 GB.
To get %used instead, use this formula: hrStorageUsed / hrStorageSize x 100 so the divisor would be 21205.72.
SNMP jobs with multiple OIDs
It is possible to evaluate multiple OIDs within the same SNMP job. All SNMP queries must be valid for the device to which the SNMP job is attached (it’s not possible to define queries for different devices in one SNMP job). Additional OIDs are enabled by clicking the plus button next to the Browse online button. Once additional OIDs are added, additional Results fields appear in the Results section below:
Each OID has its separately configurable output section and its own Map string to value definition and Unit button. The transfer time can be suppressed globally.
The example uses Resolve OIDs for each of the 3 OIDs. See section SNMP generic name resolution above for details.
The first and second OIDs request the ifInOctets and ifOutOctets counters from an interface of a network device. For these counters the absolute value is not relevant, what is interesting is the change with time, so the Result fields for these 2 OIDs suppresses the values themselves and any string values (which are not returned anyway by this OID).
The Unit definition for the first OID result has the value and string value units greyed out accordingly:
A divisor is specified to convert the output to kBit/s.
byte/s → kBit/s
kbit = byte / 1000 * 8
kbit = byte / (1000 / 8)
kbit = byte / 125
The third OID requests the ifOperStatus of the network interface, which is returned as a string (not as a string object per se, but the output is e.g.: up(1)) by the SNMP agent. This can be seen when using the Browse online button with the .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOperStatus OID as Root:
Since numerical values are handled faster by the SKOOR Engine, it's usually better to convert the known string to a numerical value using the Map string to value field:
This means the result sent to the server will be a value and no longer a string, so one can suppress string values and diff values.
The Unit definition for the third OID result is specified as follows:
The results are then displayed in the Values section:
If one of the defined OIDs produces an error, the error message of this OID is shown and the whole job fails. All subsequent OIDs are not processed if an OID fails:
SNMP values and alarm limits
Value / Alarm limit | Description |
|---|---|
Value1-n | Custom numeric value defined by the OIDs Result Unit button. |
Diff value1-n | Custom numeric diff value defined by the OIDs Result Unit button. |
String value1-n | Custom string value defined by the OIDs Result Unit button. |
Error code | Generic job error code (see section Job error codes) |
SNMP examples
Example 1 - SNMP mib-2 interface selection by description
It is possible to automatically select the interface number by its description. This can be useful if a router’s interface count is subject to change. Then it must be possible to select the interface by its description.
We want to look up the OID
.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInOctets.<interface id>
for the number of octets that have passed inwards through the VLAN 10 interface. To do this we look for the interface description first below .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr:
and find that the description is:
em0_vlan10
Now replace the numerical index after ifInOctets with the string $em0_vlan10$ and use this as the Request OID:
.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInOctets.$em0_vlan10$
As Resolve OID, use
.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr
The search for a matching description string is case sensitive. The job will remember the last index. If the number has changed, it will rescan the descriptions.