How Does SNMP Work?
The snmpwalk command is a shorthand way to use multiple GETNEXT requests without having to type lots of different commands, fire off lots of different GETNEXT and view your infrastructure health. We look at some snmpwalk examples on Windows and Linux.
However, before we look at the snmpwalk command, we first need to look at how SNMP works. On SNMP-enabled devices, an SNMP agent collects information from the device and stores it within a Management Information Base (MIB) where this data is stored so that it can be accessed whenever the SNMP manager polls the SNMP agent.
When the SNMP Manager queries the SNMP agent, data is taken from the MIB and sent to the SNMP Manager where it can be viewed with a network monitoring tool. There are many different commands that you can use to query an SNMP agent. The most common ways are through the use of the GET or the GET-Next command.
The GET command is used to take an Object Identifier (OID) from the MIB. The GET-Next command is a little more advanced and goes through a MIB tree from OID to OID pulling information. This is where snmpwalk comes in.
What is snmpwalk?
The name, snmpwalk, is given to an SNMP application that runs multiple GETNEXT requests automatically. The SNMP GETNEXT request is used to query an enabled device and take SNMP data from a device. The snmpwalk command is used because it allows the user to chain GETNEXT requests together without having to enter unique commands for each and every OID or node within a sub-tree.
The snmpwalk is issued to the root node of the sub-tree so that system information is gathered from every connected node. This provides you with an efficient way to collect information from a range of devices like routers and switches. The information you collect arrives in the form of OIDs. An OID is an object which is part of the MIB within an SNMP-enabled device.
Installing snmpwalk in Windows
For Microsoft Windows users, the process of installing snmpwalk in Windows is incredibly simple.
- You first need to download the following:
- Once you have the snmpwalk.exe file on your computer, click Start > search cmd and press Enter. This will open the command line prompt window.
Installing snmpwalk in Linux
On Linux devices, snmpwalk is available as a package for you to install. The process of doing this depends on your Linux distribution. However, you can install Linux by entering the following commands:
yum install net-snmp-utils
apt-get install snmp
Parameters and Options for snmpwalk in Windows and Linux
The snmpwalk command has has a range of different parameters that you can use. These include the following:
The SNMP agent name
The type of read community
Specify an object ID to return all SNMP objects below it. If NULL then the root of the SNMP object is taken as the object_id
Number of microseconds before the first timeout
How many times to retry the connection in the event of a timeout
Shows the last symbolic element of an OID
Sets a community string
Specifies the SNMP version you want to use
How to Minimize the Information You See With snmpwalk
One of the first things you’ll notice when running snmpwalk is that there are too many results for you to read. You can easily end up with thousands of different results. To get around this vendors help you by providing you with a MIB file. The MIB file is used to specify which OIDs are available on a device. Many vendors provide you with a MIB file for each device you have. Having a MIB file allows you to run a query that is specific to that file, rather than walking through everything.
See also: SMNP tools
Examples of the snmpwalk Command
When using snmpwalk on a device you will be provided with a range of values by the SNMP agent. You will be walking through the OID from your starting OID onwards. If you enter the snmpwalk command on a device then a similar result to the following will display:
$ snmpwalk -v1 -c public 10.10.1.224
SNMPv2-MIB::sysDescr.0 = STRING: APC Web/SNMP Management Card
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.3126.96.36.199
SNMPv2-MIB::sysUpTime.0 = Timeticks: (47372422) 5 days, 11:35:24.22
SNMPv2-MIB::sysContact.0 = STRING: Comparitech
SNMPv2-MIB::sysName.0 = STRING: APC-3425
SNMPv2-MIB::sysLocation.0 = sTRING: 3425EDISON
SNMPv2-MIB::sysServices.0 = INTEGER: 72
IF-MIB:: ifNumber.0 = INTEGER: 1
IF-MIB:: ifIndex.1 = INTEGER: 1
IF-MIB:: ifDescr.1 =STRING: veya
SNMPv2-MIB:: snmpOutGetResponses.0 =Counter32: 338
SNMPv2-MIB: snmpOutTraps.0 = Counter32: 0
SNMPv2-MIB:: snmpEnableAuthenTraps.0 = INTEGER: 0
As you can see that is a lot of system information generated by a single command. Most of the lines are comprised of information pulled from the MIB.
Example of snmpwalk with no MIB
In the example below, you can see a snmpwalk example with no MIB. The second number on the first line, or the
.188.8.131.52.4.1.318, is the OID that we started from.
$ snmpwalk -v1 -c public 10.10.1.224 .184.108.40.206.4.1.318
SNMPv2-SMI::enterprises.3220.127.116.11.18.104.22.168 = STRING: “Silcon DP340E”
SNMPv2-SMI::enterprises.322.214.171.124.126.96.36.199 = STRING: “UPS_IDEN”
SNMPv2-SMI::enterprises.3188.8.131.52.184.108.40.206 = STRING: “314.10.D
Example of snmpwalk with MIB denoted
However, if you have a specific MIB then you can get more detailed information returned back to you from the objects that you want to view. In the example below the
-m command denotes the MIB that is going to be queried.
$ snmpwalk -v1 -c public -m “./APC-POWERNET.txt” 10.10.1.224 apc
PowerNet-MIB::upsBasicIdentModel.0 = STRING: “Silcon DP340E”
PowerNet-MIB::upsBasicIdentName.0 = STRING: “UPS_IDEN”
PowerNet-MIB::upsAdvIdentFirmwareRevision.0 = STRING: “314.10.D”
Example of snmpwalk in Linux
Below is a snmpwalk example command in Linux. As you can see this functions in much the same way walking through the OIDs to pull the relevant system information from the connected devices:
# % snmpwalk-v 1 localhost public system # system.sysDescr.o = “SunOS name sun4c”
# system.sysObjectID.o = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
# system.sys.UpTime.o = Timeticks (595637548) 68 days, 22:32:55
# system.sysContact.o = “email@example.com>”
# system.sysName.o = “Ridyadh_o8_WS”
# system.sysLocation.o = “Ridyadh, KSA”
# system.sysServices.o = 72
Save Time with snmpwalk
The concept of snmpwalk seems complicated, but it isn’t in reality. The snmpwalk command is simply a shorthand way to use multiple GETNEXT requests without having to type lots of different commands. With one snmpwalk command, you can fire off lots of different GETNEXT and view your infrastructure health.
If you’re using the snmpwalk command then it’s important to remember to cut down the amount of information you receive as much as possible. Specifying a MIB will allow you to see specific information rather than data collected from an entire database of object IDs!
By drawing SNMP data from devices throughout your network this way, you can make sure that you don’t miss anything important happening on your network. After all the snmpwalk command is there to help you pull SNMP data from devices in your network as efficiently as possible.
Using MIB with an SNMP agent
Our methodology for selecting MIB analyzers like snmpwalk
We reviewed the market for MIB analyzers like snmpwalk and assessed the options based on the following criteria:
- An interpreter for the OID structure of SNMP
- A tool that includes a visual layout of the OID tree
- A view that shows the OID value plus a description for each active node
- A display of whether an OID node has a value or not
- A graphical user interface that is easy to use
- A free trial for a no-risk assessment
- Value for money represented by useful functionality at a good price
SNMP agents collect network device information and store it in a Management Information Base (MIB) and become accessible to powerful SNMP tools.
The SNMP MIB Browser from ManageEngine is a visual snmpwalk tool that will run in Windows and Linux.
- SNMP Operations for retrieving and configuring information on a device
- SNMP Walk retrieves a subtree of management values using the GET NEXT operation
- MIB Loading allows the SNMP tools to properly interpret the data they retrieve.
- Built in SNMP Trap receiver for spotting problems on the network
- Table View makes it easier to understand and analyze the output
- SNMP Device Simulation for testing SNMP functionality without a physical device
This is a great free alternative to the big network monitoring systems like PRTG if you just want to see the details in the MIB returned by a specific device. The MIB Browser can also query a series of devices and summarize their MIBs.
- Lets you query a specific device or a range of devices
- Will run in Linux and Windows
- Supports SNMP v1, v2, and v3
- Can be set up to query and read MIBs continuously
- Has an alert system that can be set up to trigger if a fail status is in a MIB
- Will send alerts by email
- Can parse MIBs
- Not a full network monitor
Download the free SNMP MIB Browser from ManageEngine.
FAQs for snmpwalk
What is a MIB walk?
A MIB is the SNMP Management Information Base. This is created through a reference code structure with each item having sub-nodes that are identified by the parent ID plus an extension. So, the MIB has a tree structure. A MIB walk is the process of working through a received MIB report and checking every code defined in the SNMP standard to see if it has an associated value.
Are there any alternatives to SNMP?
SNMP is the only reporting standard that is universally implemented by network device manufacturers. There are some other reporting standards that some of the major device producers install as well. These include Netconf, which is available on Cisco devices – some other manufacturers install this as well. WMI is another option, but this is only available on devices that run Windows.
What is snmpwalk OID?
OID stands for “object identifier.” This is the code that identifies each node on the MIB tree. Therefore, a snmpwalk on OIDs is the same as a MIB walk.
How do you use SNMP GET command in Linux?
The snmpget command in Linux has a number of switches that modify the behavior of the utility. You can see these options by entering snmpget -h Here are the results that you will see:
-H display configuration file directives understood
-v 1|2c|3 specifies SNMP version to use
-V, –version display package version number
For example, you would type in snmpget -V to see the version number of your SNMP implementation
How can I tell if SNMP is running in Linux?
Issue any standard SNMP command at the command line to see if the SNMP service is running. For example, use the snmpget -v command.
How can I tell if SNMP is working in Windows?
To see if SNMP is running on a Windows computer:
- Go to the Start Menu, expand Windows Administrative Tools, and click on Services.
- Scroll down the displayed list of services to find the SNMP entry. Its Status should be Running if it is working.
See also: Best SNMP Monitoring Tools