In the late 1980’s, SNMP or the Simple Network Management Protocol first emerged as a solution for managing nodes within a network. Since then SNMP data has been used to measure the system performance of devices across countless vendors to help ensure that networks stay up and running.
Today SNMP is one of the most popular networking protocols in the world and snmpwalk has become a go-to method for scanning multiple nodes at once.
How Does SNMP Work?
However, before we look at the snmpwalk command, we first need to look at how SNMP works. On SNMP-enabled devices, an SNMP agent collects information from the device and stores it within a Management Information Base (MIB) where this data is stored so that it can be accessed whenever the SNMP manager polls the SNMP agent.
When the SNMP Manager queries the SNMP agent, data is taken from the MIB and sent to the SNMP Manager where it can be viewed with a network monitoring tool. There are many different commands that you can use to query an SNMP agent. The most common ways are through the use of the GET or the GET-Next command. The GET command is used to take an Object Identifier (OID) from the MIB. The GET-Next command is a little more advanced and goes through a MIB tree from OID to OID pulling information. This is where snmpwalk comes in.
What is snmpwalk?
snmpwalk is the name given to an SNMP application that runs multiple GETNEXT requests automatically. The SNMP GETNEXT request is used to query an enabled device and take SNMP data from a device. The snmpwalk command is used because it allows the user to chain GETNEXT requests together without having to enter unique commands for each and every OID or node within a sub-tree.
The snmpwalk is issued to the root node of the sub-tree so that system information is gathered from every connected node. This provides you with an efficient way to collect information from a range of devices like routers and switches. The information you collect arrives in the form of OIDs. An OID is an object which is part of the MIB within an SNMP-enabled device.
Installing snmpwalk on Windows
For Microsoft Windows users, the process of installing snmpwalk on Windows is incredibly simple.
- You first need to download the following:
- Once you have the snmpwalk.exe file on your computer, click Start > search cmd and press Enter. This will open the command line prompt window.
Installing snmpwalk on Linux
On Linux devices, snmpwalk is available as a package for you to install. The process of doing this depends on your Linux distribution. However, you can install Linux by entering the following commands:
yum install net-snmp-utils
apt-get install snmp
snmpwalk Parameters and Options in Windows and Linux
snmpwalk has a range of different parameters that you can use. These include the following:
The SNMP agent name
The type of read community
Specify an object ID to return all SNMP objects below it. If NULL then the root of the SNMP object is taken as the object_id
Number of microseconds before the first timeout
How many times to retry the connection in the event of a timeout
Shows the last symbolic element of an OID
Sets a community string
Specifies the SNMP version you want to use
How to Minimize the Information You See With snmpwalk
One of the first things you’ll notice when running snmpwalk is that there are too many results for you to read. You can easily end up with thousands of different results. To get around this vendors help you by providing you with a MIB file. The MIB file is used to specify which OIDs are available on a device. Many vendors provide you with a MIB file for each device you have. Having a MIB file allows you to run a query that is specific to that file, rather than walking through everything.
See also: SMNP tools
When using snmpwalk on a device you will be provided with a range of values by the SNMP agent. You will be walking through the OID from your starting OID onwards. If you enter the snmpwalk command on a device then a similar result to the following will display:
$ snmpwalk -v1 -c public 10.10.1.224 SNMPv2-MIB::sysDescr.0 = STRING: APC Web/SNMP Management Card SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.322.214.171.124 SNMPv2-MIB::sysUpTime.0 = Timeticks: (47372422) 5 days, 11:35:24.22 SNMPv2-MIB::sysContact.0 = STRING: Comparitech SNMPv2-MIB::sysName.0 = STRING: APC-3425 SNMPv2-MIB::sysLocation.0 = sTRING: 3425EDISON SNMPv2-MIB::sysServices.0 = INTEGER: 72 IF-MIB:: ifNumber.0 = INTEGER: 1 IF-MIB:: ifIndex.1 = INTEGER: 1 IF-MIB:: ifDescr.1 =STRING: veya ……… SNMPv2-MIB:: snmpOutGetResponses.0 =Counter32: 338 SNMPv2-MIB: snmpOutTraps.0 = Counter32: 0 SNMPv2-MIB:: snmpEnableAuthenTraps.0 = INTEGER: 0 $
As you can see that is a lot of system information generated by a single command. Most of the lines are comprised of information pulled from the MIB.
snmpwalk example with no MIB
In the example below, you can see a snmpwalk example with no MIB. The second number on the first line, or the
.126.96.36.199.4.1.318, is the OID that we started from.
$ snmpwalk -v1 -c public 10.10.1.224 .188.8.131.52.4.1.318 SNMPv2-SMI::enterprises.3184.108.40.206.220.127.116.11 = STRING: “Silcon DP340E” SNMPv2-SMI::enterprises.318.104.22.168.22.214.171.124 = STRING: “UPS_IDEN” SNMPv2-SMI::enterprises.3126.96.36.199.188.8.131.52 = STRING: “314.10.D ……
snmpwalk example with MIB denoted
However, if you have a specific MIB then you can get more detailed information returned back to you from the objects that you want to view. In the example below the
-m command denotes the MIB that is going to be queried.
$ snmpwalk -v1 -c public -m “./APC-POWERNET.txt” 10.10.1.224 apc PowerNet-MIB::upsBasicIdentModel.0 = STRING: “Silcon DP340E” PowerNet-MIB::upsBasicIdentName.0 = STRING: “UPS_IDEN” PowerNet-MIB::upsAdvIdentFirmwareRevision.0 = STRING: “314.10.D” …..
snmpwalk example command on Linux
Below is a snmpwalk example command on Linux. As you can see this functions in much the same way walking through the OIDs to pull the relevant system information from the connected devices:
# % snmpwalk-v 1 localhost public system # system.sysDescr.o = “SunOS name sun4c” # system.sysObjectID.o = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4 # system.sys.UpTime.o = Timeticks (595637548) 68 days, 22:32:55 # system.sysContact.o = “firstname.lastname@example.org>” # system.sysName.o = “Ridyadh_o8_WS” # system.sysLocation.o = “Ridyadh, KSA” # system.sysServices.o = 72
Save Time with snmpwalk
snmpwalk seems like a complicated concept but it isn’t in reality. The snmpwalk command is simply a shorthand way to use multiple GETNEXT requests without having to type lots of different commands. With one snmpwalk command, you can fire off lots of different GETNEXT and view your infrastructure health.
If you’re using the snmpwalk command then it’s important to remember to cut down the amount of information you receive as much as possible. Specifying a MIB will allow you to see specific information rather than data collected from an entire database of object IDs!
By drawing SNMP data from devices throughout your network this way, you can make sure that you don’t miss anything important happening on your network. After all the snmpwalk command is there to help you pull SNMP data from devices in your network as efficiently as possible.
Using MIB with an SNMP agent
What should you look for in MIB analyzers like snmpwalk?
We reviewed the market for MIB analyzers like snmpwalk and assessed the options based on the following criteria:
- An interpreter for the OID structure of SNMP
- A tool that includes a visual layout of the OID tree
- A view that shows the OID value plus a description for each active node
- A display of whether an OID node has a value or not
- A graphical user interface that is easy to use
- A free trial for a no-risk assessment
- Value for money represented by useful functionality at a good price
SNMP agents collect network device information and store it in a Management Information Base (MIB) and become accessible to powerful SNMP tools.
With Paessler’s PRTG Network Monitor, you can deploy SNMP, MIBS, and OIDs all from within the one intuitive dashboard. PRTG uses SNMP to monitor your network and to handle your MIBs and OIDs. Once set up PRTG can begin collecting all the relevant data on each of the devices on your network and the software they operate. The system information is stored in a tree and branch structure with each vendor making up a branch of the tree, helping you identify and troubleshoot each of the network devices.
- Uses a combination of deep packet analysis, WMI, and SNMP to report network performance data
- Can monitor baselines and automatically alert to abnormalities
- Drag and drop editor makes it easy to build custom views and reports
- Supports a wide range of alert mediums such as SMS, email, and third-party integrations into platforms like Slack
- Each sensor is specifically designed to monitor each application, for example, there are prebuilt sensors whose specific purpose is to capture and monitor VoIP activity
- Supports a freeware version
- Is a very comprehensive platform, not designed for home use hobbyist use
PRTG Network Monitor is available on a 30-day free trial.
What is a MIB walk?
A MIB is the SNMP Management Information Base. This is created through a reference code structure with each item having sub-nodes that are identified by the parent ID plus an extension. So, the MIB has a tree structure. A MIB walk is the process of working through a received MIB report and checking every code defined in the SNMP standard to see if it has an associated value.
Are there any alternatives to SNMP?
SNMP is the only reporting standard that is universally implemented by network device manufacturers. There are some other reporting standards that some of the major device producers install as well. These include Netconf, which is available on Cisco devices – some other manufacturers install this as well. WMI is another option, but this is only available on devices that run Windows.
What is snmpwalk OID?
OID stands for “object identifier.” This is the code that identifies each node on the MIB tree. Therefore, a snmpwalk on OIDs is the same as a MIB walk.
How do you use SNMP GET command in Linux?
The snmpget command in Linux has a number of switches that modify the behavior of the utility. You can see these options by entering snmpget -h Here are the results that you will see:
-H display configuration file directives understood
-v 1|2c|3 specifies SNMP version to use
-V, --version display package version number
For example, you would type in snmpget -V to see the version number of your SNMP implementation
How can I tell if SNMP is running on Linux?
Issue any standard SNMP command at the command line to see if the SNMP service is running. For example, use the snmpget -v command.
How can I tell if SNMP is working on Windows?
To see if SNMP is running on a Windows computer:
- Go to the Start Menu, expand Windows Administrative Tools, and click on Services.
- Scroll down the displayed list of services to find the SNMP entry. Its Status should be Running if it is working.
See also: Best SNMP Monitoring Tools