I am trying to send a SNMP trap specifying the sender's agent ip address.
I have been tesing net-snmp snmptrap command and its options but I can't seem to be able to modify the senders address field of the trap itself.
I'm looking for something like:
snmptrap -v 2c -c public destination_ip *SOURCE_AGENT_ADDRESS* MIB OID VALUE
If anyone knows if there is any tool out there that can do this or can suggest a python library it would be great.
If you are using SNMPv1 with the snmptrap tool, it should let you specify agent address explicitly.
If you are using SNMPv2c, there is no dedicated field for agent address in the SNMP packet. But the standard allows you to put your agent address value into a pre-defined variable-binding (1.3.6.1.6.3.18.1.3.0 perhaps). It works in the same way for other legacy SNMPv1 TRAP PDU fields.
You should be able to do that with pysnmp as well:
from pysnmp.hlapi import *
errorIndication, errorStatus, errorIndex, varBinds = next(
sendNotification(
SnmpEngine(),
CommunityData('public'),
UdpTransportTarget(('demo.snmplabs.com', 162)),
ContextData(),
'trap',
NotificationType(
ObjectIdentity('1.3.6.1.4.1.20408.4.1.1.2.0.432'),
).addVarBinds(
# agent uptime
('1.3.6.1.2.1.1.3.0', 12345),
# agent address
('1.3.6.1.6.3.18.1.3.0', '127.0.0.1'),
# enterprise OID
('1.3.6.1.6.3.1.1.4.3.0', '1.3.6.1.4.1.20408.4.1.1.2'),
# user variable-bindings may follow
)
)
)
Related
i try to monitor values with nagios over snmp from my two audiocodes SBCs (M500L).
For these i download two MIBs "AC-ALARM-MIB" + "IP-MIB_rfc4293" from https://github.com/librenms/librenms/tree/master/mibs/audiocodes rename it to .txt at the end and upload it to my ubuntu server in path /usr/share/snmp/mibs/.
Then i try to use the following command in command line.
snmpget -v3 -l authPriv -u xxxxxx -a SHA -A xxxxx -x AES -X xxxxx 123.456.789.100 AcAlarm:acActiveAlarmName
and i get the following output
AcAlarm::acActiveAlarmName = No Such Instance currently exists at this OID
I try to find out the OID from these in MIB Browser - seems like it is " .1.3.6.1.4.1.5003.11.1.1.1.1.5". When i use these OID i get same output.
Anyone has an idea?
SNMP treats all values as being entries in some database. OIDs are used to identify entries in this conceptual database. MIB files allow an SNMP manager to translate OIDs into a human-readable string, with an accompanying textual description.
The issue here is not that the MIB files are bad, or the OIDs are wrong, the problem is that, either the devices that hold this (imaginary) database do not support the entries you are trying to access, or that your user is not authorized to access those entries. A simple way to find out what OIDs are supported would be to do a full walk of the database, using something like snmpwalk <hostname> 1.3.6.1
I am trying to send snmp traps using TLS/DTLS with net-snmp 5.7.2 package. I am unable to see the source and destination address in my trap message. It is showing 'unknown' instead of the address.
I used the below command to send the trap.
snmptrap -Ci -v 3 -T our_identity=snmpd -T their_identity=manager tlstcp:{destination_ip}:10162 "" UCD-SNMP-MIB::ucdStart
The trap I received was
2021-01-09 19:11:30 TLSTCP: unknown [TLSTCP: unknown]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (37091491) 4 days, 7:01:54.91 SNMPv2-MIB::snmpTrapOID.0 = OID: UCD-SNMP-MIB::ucdStart
This is my snmptrapd configuration file.
[snmp] localCert manager
certSecName 20 snmpd --sn joecool
authUser log -s tsm joecool
I have tried using '-n' flag in the snmptrapd server to use numeric address instead of attempting hostname lookups but it didn't help.
I faced no such issue while using snmp v2 or snmp v3 (usm) for sending traps.
Hi i have written the bash script for downloading configuration from switches and save it to TFTP server.
snmpset -v 2c -c Zaloznik 192.168.50.22 1.3.6.1.4.1.1991.1.1.2.1.6.0 s test_skript.cfg 1.3.6.1.4.1.1991.1.1.2.1.66.0 x C0A846D2 1.3.6.1.4.1.1991.1.1.2.1.9.0 i 22 >> /dev/null;
But it always tell me this:
Error in packet. Reason: wrongLength (The set value has an illegal
length from what the agent expects) Failed object:
iso.3.6.1.4.1.1991.1.1.2.1.66.0
C0A846D2 is a HEX format of ip 192.168.70.210.
Don't you know how to fix it ? Please help, i have tried many combinations and nothing working.
Thanks.
Problem solved, there was a problem with switches that want to have an info about
type of ip address (ipv4 or ipv6), then ip address of tftp, file name and after that he can send config files to tftp.
So i have to add another snmp OID (ip address type) into the script and then it works.
I am trying to send an snmp message with snmptrap from the commandline, and the manual isn't super clear.
I have managed to send the example message successfully (10.0.0.1 == where I'm sending the messages to)
snmptrap -v 1 -c private 10.0.0.1 NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification "" 6 17 "" netSnmpExampleHeartbeatRate i 13546
But when I want to send a resynchronisation message such as:
snmptrap -v 1 -c private 10.0.0.1 HW-IMAPV1NORTHBOUND-TRAP-MIB::hwNmNorthboundEventSynchronizationCommandStart
I need to add a few more arguements. I've tried adding myip:myport:date:date or just myip:myport, but no success. I'm not too clear on what should be the following arguements. The man page:
snmptrap -v 1 [COMMON OPTIONS] [-Ci] enterprise-oid agent generic-trap specific-trap uptime [OID TYPE VALUE]
What should be the generic-trap, specific-trap etc?
From the MIB files:
: 1.3.6.1.4.1.2011.2.15.1.7.7.4
hwNmNorthboundEventSynchronizationCommandStart OBJECT-TYPE
SYNTAX OCTET STRING
ACCESS read-write
STATUS mandatory
DESCRIPTION
Format to omit dst flag:- IP:port:start time:end time:timezone, will consider the dstflag to be 0
Does someone have a bit more experience than me with SNMP to understand what I need to put in the command line arguements?
thanks!
I don't know if I should delete this question, or leave it, but my problem was partly because somehow the mib file was no read, and I had to use the OID directly. Otherwise the "arguments" depends on the mib file, the 6 is always 6, the 17 on the otherhand should correspond to the last number in the oid of the mib..
I'm attempting to use Ruby SNMP to capture SNMP traps from various devices. In order to test them I'm attempting to send them from my laptop using the 'snmptrap' command. I can see that the traps are being sent and arriving at my server (the server is the manager) in packet captures, as well as in the 'snmptrapd' utility when I run it. I'm using the following example code exactly as it is, in the demo from the documentation to set up a TrapListener.
require 'snmp'
require 'logger'
log = Logger.new(STDOUT)
m = SNMP::TrapListener.new do |manager|
manager.on_trap_default do |trap|
log.info trap.inspect
end
end
m.join
I'm sending an SNMPv2c trap, and nothing ever appears on the screen...
Here is the command I'm using to send a test SMTP trap, in the even that it's useful:
snmptrap -v 2c -c public hostname_goes_here SNMP-NOTIFICATION-MIB::snmpNotifyType SNMPv2-MIB::sysLocation
Any suggestions appreciated! Thanks!
I was stuck on this for a long time as well. It turns out that by default, Traplistener only opens ports on 127.0.0.1. To make it listen on ALL interfaces on the port you specified (or default port 162), specify a :Host option. '0' makes it listen on ALL interfaces, or you can provide an IP address.
log = Logger.new(STDOUT)
m = SNMP::TrapListener.new(:Host => 0) do |manager|
manager.on_trap_default do |trap|
log.info trap.inspect
end
end
m.join