-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsnmp
89 lines (58 loc) · 2.82 KB
/
snmp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
SNMP is good for collecting router information, not good for making configuration changes.
oid = object identifier
mib = management information base (provides definition of snmp objects (oids, human readable names, interpretation of the data sent back)
There are two main snmp library choices:
pysnmp (entirely python)
netsnmp (c library with python hooks). Good to walk and find oids in the snmp tree
You can use a MiB browser to find this info:
.iso(1).org(3).dod(6).internet(1).mgmt(2).mib2(1).system(1).sysDescr(1)
Scalar data needs .0 append on the end
Tabular data does not need this
From linux cli to test snmp:
snmpwalk -v 2c -c <commstring> 10.0.0.15 1.3.6.1 # this returns everything starting at that oid position.
snmpget -v 2c -c <commstring> 10.0.0.15 1.3.6.1.2.1.1.1.0 # to return a specific value
snmpget -v 2c -c <commstring> 10.0.0.15 <oid_description_name_returned_by_walk>
You install the MIB definition on the server doing the SNMPWalk to get a human readable description back
On Centos is /usr/share/snmp/mibs
Python Example:
# need to have this helper script available for the import
# https://github.com/ktbyers/pynet/blob/master/snmp/snmp_helper.py
from snmp_helper import snmp_get_oid,snmp_extract
COMMUNITY_STRING = 'mycommstr'
SNMP_PORT = 161
IP = '10.0.0.15'
# this is a tuple (unchangable list)
a_device = (IP, COMMUNITY_STRING, SNMP_PORT)
# system description oid
OID = '1.3.6.1.2.1.1.1.0'
snmp_data = snmp_get_oid(a_device, oid=OID)
# Converts from Hex to Human Readable Output
output = snmp_extract(snmp_data)
print output
===========================================================
SNMPv3 - adds authentication and encryption
IOS Router Config Example:
# Create a view of what can be seen in the SNMP tree (this view actually
# specifies the entire tree is visible).
snmp-server view VIEWSTD iso included
# Create an SNMP Group using SNMPv3 with authentication and encryption,
# read-only, using VIEWSTD, filtered by ACL98. Group name is 'READONLY'.
# 'priv' indicates authentication and encryption is used.
snmp-server group READONLY v3 priv read VIEWSTD access 98
# Bind a user to the SNMP group, specify SHA1 for auth and AES128 for encryption.
# Specify the authentication and encryption keys
snmp-server user <user> READONLY v3 auth sha <password> priv aes 128 <key>
==============================================================
Using kbyers snmp_helper.py program for SNMPv3 queries
import snmp_helper
# this assumes the defaults for encyption AES and authentication of SHA
ip = '10.11.12.55'
a_user = 'mysnmpuser'
auth_key = 'myauthkey'
encrypt_key = 'myencryptkey'
snmp_user = (a_user, auth_key, encrypt_key)
router_1 = (ip, <port>)
router_2 = (ip, <port>)
snmp_data = snmp_helper.snmp_get_oid_v3(router_1, snmp_user, oid='1.3.6.1.2.1.1.5.0')
output = snmp_helper.snmp_extract(snmp_data)
print output