I am trying to configure SNMP on Ubuntu 14.04. There is a step where I have to edit the community string along with sysLocation and sysContact but I am not sure what goes there. What are the sysLocation and sysContact objects in the snmpd.conf file and how I can get those values for my machine?
All SNMP devices share the following common configurable parameters:
sysLocation
sysContact
sysName
Read-write and read-only access
community strings (and frequently, a trap community string)
Trap destination
sysLocation is the physical location for the device being monitored. Its definition in RFC 1213 is:
sysLocation OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The physical location of this node (e.g., 'telephone closet,
3rd floor')."
::= { system 6 }
RFC 1213's definition of sysContact is similar to that of sysLocation:
sysContact OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The textual identification of the contact person for this managed
node, together with information on how to contact this person."
::= { system 4 }
sysContact is a DisplayString. It's fairly obvious what it's used for: it identifies the primary contact for the device in question. It is important to set this object with an appropriate value, as it can help your operations staff determine who needs to be contacted in the event of some catastrophic failure. You can also use it to make sure you're notified, if you're responsible for a given device, when someone needs to take your device down for maintenance or repairs. As with sysLocation, make sure to keep this information up to date as your staff changes. It's not uncommon to find devices for which the sysContact is someone who left the company several years ago.
source: http://docstore.mik.ua/orelly/networking_2ndEd/snmp/ch07_01.htm
SysLocation and SysContact are simply arbitrary SNMP string variables that are part of SNMPV2-MIB and can be fetched with SNMP get.
OID 1.3.6.1.2.1.1.4 == SysContact
OID 1.3.6.1.2.1.1.6 == SysLocation
Most sites I have been involved with use SysLocation as a decription of the location of the SNMP managed network device, and SysContact as the contact details of somebody who is in some way responsible for the device.
Warning: SysContact also has a habit of becoming out of date without being modified when staff changes.
To get sysContact using snmpget command line:
snmpget -v1 -c public localhost system.sysContact.0
where "public" is your community string, and "localhost" is the ip address of the machine you want to send the SNMP query to.
These values are defined by the administrator. Common formats include:
syslocation Rack, Room, Building, City, Country [GPSX,Y]
syscontact Your Name <your#email.address>
If all the equipment you monitor is in the same country you can use the format google maps uses: "street, city, state zip". For example searching google maps for the white house returns:
1600 Pennsylvania Ave NW, Washington, DC 20500
syslocation is often used my monitoring applications to generate visual maps.
Related
I use GetSystemIdForPublisher() to identify machine IDs. According to the documentation they are unique, but I have a handful of machines which return the same ID. These machines are completely unrelated and have no common history. They are located in different countries and belong to different users. The Windows version of these machines is the latest Windows 1909 10.0.18363 update.
The documentation clearly states:
The method will first attempt to use the Trusted Platform Module
(TPM), if present, to get an ID. If a TPM is not present, the method
will try to get an ID from the Unified Extensible Firmware Interface
(UEFI). If neither of these sources is available, this method will
return an ID that is backed by the Windows registry. In the case of
the Windows registry, the ID will not satisfy all the above
guarantees. For example, if a system does not have a TPM or UEFI
support, and thus an ID was obtained from the registry, a clean
install of Windows will result in a new, different ID being returned.
Callers of this method should refer to the Source property of the
returned SystemIdentificationInfo to determine where the ID was
obtained from in order to understand the guarantees provided.
As far as I can see, none of these statements explain to me what is happening here. Does anyone else have an idea whats going on? Any help is highly appreciated!
Addendum:
we got feedback in form of a cpu-z report from 2 persons on 2 different continents with the same machine id:
user A:
Mainboard Model Z87M Extreme4 (0x00000444 - 0xECE9B6D4)
UEFI Yes
BIOS Vendor American Megatrends Inc.
BIOS MSG 63-0100-000001-00101111-1xxxx5-Chipset
BIOS Date 12/10/15
Mainboard Vendor 000001
user B:
Mainboard Model 151-BE-E097 (0x0000025D - 0x0A74C7F0)
UEFI Yes
BIOS Vendor American Megatrends Inc.
BIOS MSG 63-0100-000001-00101111-0XXXX5-Chipset
BIOS Date 09/10/15
Mainboard Vendor 000001
both got the same identifier when calling GetSystemIdForPublisher():
XlPRXXXlAPXk-yFXXXJUv3-XXXXXXXXXXXXX = [source is UEFI, ]
==> X included for obfuscation
We have around 60 customers worldwide whose computers return this exact ID.
I'm working with SNMP and was given a command to use. However, I'm trying to break it down into its components so I can understand if I need to change anything. I've found documentation on pretty much everything except for the last part.
The command has this structure:
snmpwalk -v 2c -c communityname address.com .1
From my understanding the meaning of this structure is:
snmpwalk - command
-v 2c - specifies that the version is 2c, options are 1, 2c, 3
-c communityname - specifies the community name, which is like a password to an extent
address.com - the address of the computer in question
.1 - What is this ? I can't seem to find much documentation on it.
man snmpwalk and snmpwalk -h should give you the info you need on the various parameters.
The .1 is the OID and it is an optional parameter to that command, and it pinpoints a point in the hierarchical SNMP MIB on the SNMP agent host. The walk will retrieve all OIDs "below" that point.
Have a read at http://www.net-snmp.org and get a SNMP book to learn about SNMP and MIBs and OIDs; but quoting from SNMP wikipedia article:
SNMP itself does not define which information (which variables) a
managed system should offer. Rather, SNMP uses an extensible design,
where the available information is defined by management information
bases (MIBs). MIBs describe the structure of the management data of a
device subsystem; they use a hierarchical namespace containing object
identifiers (OID). Each OID identifies a variable that can be read or
set via SNMP.
EDIT: Here is image to show the OID tree with ".1" i.e. ISO just below the root.
There are various ways to retrieve the Windows "Device Name" of a HID device, GetRawInputDeviceInfo with RIDI_DEVICENAME being one way to do it.
Given the example name:
\?\HID#VID_FEED&PID_DEAD#6&3559c8ea&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}
I'm wondering if there is any documentation whatsoever on what is what in this string?
\?\HID#VID_AAAA&PID_BBBB#C&DDDDDD&E&FFFF#{GUID}
So the obvious ones are A(VID), B(PID) and the GUID on the end. What I'm wondering is what EXACTLY are C, D, E and F?
It seems that C and D are unique even if you plug in two of the exact same HID devices which is great for my problem, but I'd feel more comfortable if I could know exactly how this is determined on a per OS basis, or at least that it follows some known format.
I have been googling like a madman trying to figure this out, am I missing something obvious?
Thanks in advance
According to a similar MSDN post, the value represents a unique device instance ID:
the device instance ID is unique and constant for the physical
location the device is plugged into, but it is also opaque and should
not be parsed. that means it can be used for string comparison, but
not for interpretation.
It is actually device interface instance id (symbolic link name). And yes, its unique and persists across system restart. Some details also here.
You can use CM_Get_Device_Interface_Property or SetupDiGetDeviceInterfaceProperty on interface instance id with DEVPKEY_Device_InstanceId to get device instance id (one device can have multiple interfaces).
In your example - you have a HID device. Its device id format is described here.
Info on general USB devices id format is here.
After you have device instance id you can use CM_Get_DevNode_Property or SetupDiGetDeviceProperty with DEVPKEY_NAME to get localized friendly name of a device (which is shown in Device Manager).
To sum up:
\\?\HID#VID_203A&PID_FFFC&MI_01#7&2de99099&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd} - is device interface id (also referred as "device interface path" or "device name" in docs). This is path in virtual device file system.
{378de44c-56ef-11d1-bc8c-00a0c91405dd} - device interface class guid (GUID_DEVINTERFACE_MOUSE in this case. It determines which IOCTLs can be called on this device. IOCTL_MOUSE_QUERY_ATTRIBUTES in this case)
HID\VID_203A&PID_FFFC&MI_01\7&2de99099&0&0000 - is device instance id
NOTE: exact device interface id format is not documented, each device interface can generate file name it want. I don't recommend you to parse it - it could be changed in later Windows version, better aquire device instance id - it is documents at least.
I'm unable to get the manufacturer serial number when I do an SNMP get on an OID .2.47.1.1.1.1.11.1.0. If I do an snmpget with the below command on the OID with the command:
snmpget -v1 -c public 192.168.4.99 .2.47.1.1.1.1.11.1.0
I get the message:
Reason: (noSuchName) There is no such variable name in this MIB.
Failed object: joint-iso-ccitt.47.1.1.1.1.11.1.0
I did search on google for the possible cause of error by going to this SO thread as it is caused by missing the instance subidentifier.
I performed an SNMPtranslate for the OID and I got the below string joint-iso-ccitt.47.1.1.1.1.11.1.0.
And when I performed an snmpwalk on the OID by the below command i get the message as END OF MIB.
snmpwalk -v1 -c public 192.168.4.1 .2.47.1.1.1.1.11.1.0
Please let me know where I'm going wrong and let me know the exact generic OID to get the manufacturers serial number.
Who tells you the OID is .2.47.1.1.1.1.11.1.0?
Seriously speaking, a normal OID starts with .1, except .0.0 which is very special.
If you start with walking the top of the MIB tree, you'll soon find out which variables your equipment supports:
snmpwalk -v1 -c public -Ont 192.168.4.1 .1
Remove the "-Ont" to get translated names, where possible, instead of the fully numeric OIDs.
If you're looking for vendor-independent data, you could look into a MIB that most equipment supports, SNMPV2-MIB:
http://www.ietf.org/rfc/rfc3418.txt
However, you'll find it does not contain any serial number variable. Most vendors provide a vendor-specific (or product-specific) MIB which will define, among other things, serial number. However, like most things in SNMP, it's entirely up to each vendor which MIBs they choose to implement.
In our WinRT application, we need a unique identifier for a logged in user that 100% consistent between app launches on the same device and persists between app uninstallations and re-installations on the same device. The identifier only has to be consistent for the same logged in user.
We have looked into the ASHWID but "hardware drift" will permute this ID in unpredictable ways and it is not suitable for our design.
Question: Could the EasClientDeviceInformation.Id be suitable? It sounds good but I can't find much documentation or use cases for it. When and how might this ID change?
EasClientDeviceInformation.Id | id property
Returns the identifier of the local computer. The Id property
represents the DeviceId using the GUID truncated from the first 16
bytes of the SHA256 hash of MachineID, User SID, and App ID where the
MachineID uses the SID of the local users group. Each component of the
GUID is returned in network byte order.