snmpwalk
Server Training - Nagios

snmpwalk as a Tool to Develop Checks
The tool snmpwalk is installed when you install the snmp-utils.  This is a program you can use to find the OIDs that you may want to evaluate with SNMP.
Here is a command that will use SNMP version 1 (-v1) to locate available OIDs on the router.  Note the password for the community is “public” in this case, your may be different.  This list may be long but it gives you a place to start.

 

Lesson 4 | Lesson 6

 


snmpwalk 192.168.5.79 -v1 -c public
SNMPv2-MIB::sysDescr.0 = STRING: Prestige 643
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.113921.2
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (42600) 0:07:06.00
SNMPv2-MIB::sysContact.0 = STRING: Fred Flintstone
SNMPv2-MIB::sysName.0 = STRING: MyRouter
SNMPv2-MIB::sysLocation.0 = STRING: MyBusiness
SNMPv2-MIB::sysServices.0 = INTEGER: 14
IF-MIB::ifNumber.0 = INTEGER: 17
IF-MIB::ifIndex.1 = INTEGER: 1
IF-MIB::ifIndex.2 = INTEGER: 2
IF-MIB::ifDescr.1 = STRING: enet0
IF-MIB::ifDescr.2 = STRING: enet-encap
IF-MIB::ifType.1 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.2 = INTEGER: other(1)
IF-MIB::ifMtu.1 = INTEGER: 1500
IF-MIB::ifMtu.2 = INTEGER: 1528
IF-MIB::ifSpeed.1 = Gauge32: 100000000
IF-MIB::ifSpeed.2 = Gauge32: 0
IF-MIB::ifPhysAddress.1 = STRING: 0:a0:c5:40:38:c1
IF-MIB::ifPhysAddress.2 = STRING: 0

Once you have information to start developing checks you would like to use you can then use the default check_snmp from the Nagios plugins.  This command will check to see if the first network interface of a Cisco router is available.  Note the location of the check_snmp plugin as it is installed by default when you install Nagios.


/usr/lib/nagios/plugins/./check_snmp -H 192.168.5.79  -C public -o ifOperStatus.1 -w 1:1 -l 'SNMP: Port Status for port 1 is: '
SNMP: Port Status for port 1 is:  OK - 1 | IF-MIB::ifOperStatus.1=1  

This command will achieve the same thing but with a small difference in the output.  Both commands show the router is capable of communication.

/usr/lib/nagios/plugins/./check_snmp -H 192.168.5.79  -C public -o ifOperStatus.1 -r 1
SNMP OK - up(1) |  

Here snmpwalk is used just to locate specific interfaces.

snmpwalk -v1 -c public 192.168.5.79 mib-2.interfaces
IF-MIB::ifNumber.0 = INTEGER: 17
IF-MIB::ifIndex.1 = INTEGER: 1
IF-MIB::ifIndex.2 = INTEGER: 2
IF-MIB::ifDescr.1 = STRING: enet0
IF-MIB::ifDescr.2 = STRING: enet-encap
IF-MIB::ifType.1 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.2 = INTEGER: other(1)
IF-MIB::ifMtu.1 = INTEGER: 1500
IF-MIB::ifMtu.2 = INTEGER: 1528
IF-MIB::ifSpeed.1 = Gauge32: 100000000
IF-MIB::ifSpeed.2 = Gauge32: 0
IF-MIB::ifPhysAddress.1 = STRING: 0:a0:c5:40:38:c1
IF-MIB::ifPhysAddress.2 = STRING: 0
IF-MIB::ifAdminStatus.1 = INTEGER: up(1)
IF-MIB::ifAdminStatus.2 = INTEGER: up(1)

Now using snmpwalk you can find out information about the system on the router.

snmpwalk -v1 -c public 192.168.5.79 system
This command with snmpwalk will provide you with information about the system.  Here you find information about the router (Prestige 643), snmp version (SNMPv2), the uptime (2:23:36.00), system contact (Fred Flintstone), system name (MyRouter), location (MyBusiness) and system services (14).

SNMPv2-MIB::sysDescr.0 = STRING: Prestige 643
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.113921.2
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (861600) 2:23:36.00
SNMPv2-MIB::sysContact.0 = STRING: Fred Flintstone
SNMPv2-MIB::sysName.0 = STRING: MyRouter
SNMPv2-MIB::sysLocation.0 = STRING: MyBusiness
SNMPv2-MIB::sysServices.0 = INTEGER: 14

You can use snmpwalk to determine the interfaces on the router.

snmpwalk -v1 -c public 192.168.5.79 ifType
IF-MIB::ifType.1 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.2 = INTEGER: other(1)

Once you know that the information you want is related to the Ethernet you can eliminate the other(1) by using this command.

/usr/lib/nagios/plugins/./check_ifstatus -C public  -H 192.168.5.79 -x1
OK: host '192.168.5.79', interfaces up: 1, down: 0, dormant: 0, excluded: 1, unused: 0 |up=1,down=0,dormant=0,excluded=1,unused=0

If you do not eliminate the other(1) with -x1 you will see a critical warning as other is down.

/usr/lib/nagios/plugins/./check_ifstatus -C public  -H 192.168.5.79
CRITICAL: host '192.168.5.79', interfaces up: 1, down: 1, dormant: 0, excluded: 0, unused: 0<BR>enet-encap: down <BR>
|up=1,down=1,dormant=0,excluded=0,unused=0

Once you have run these commands from the Nagios server command line you can start putting up automatic checks.