SNMP GETNEXT command

The snmpwalk.py tool implements SNMP GETNEXT command generator. Its usage is tightly aligned with its Net-SNMP prototype.

Command line syntax is as follows:

snmpwalk.py [options] <peer-address> <mib-object [mib-object […]]>

Options always start with dash (-), other parameters are positional.

Options can be categorized by the part they are tackling e.g.

Past these named options, mandatory positional parameters follow:

Protocol options

The following options have direct influence on SNMP engine operation.

SNMP version

The -v option specifies SNMP version to be used:

  • 1 - SNMP version 1
  • 2c - SNMP version 2c
  • 3 - SNMP version 3

SNMP community

The -c option sets SNMP v1/v2c community name. It serves like a shared secret and identification token between SNMP parties.

Note

The community name is never encrypted on the wire so it’s highly insecure. This is the sole reason why SNMP is sometimes jokingly referred to as Security – Not My Problem.

SNMPv3 USM security name

The -u option sets SNMP user name to the User Security Module subsystem. This is a string from 1 to 32 octets of length. Should be configured in the same way at both SNMP entities trying to communicate.

SNMPv3 USM security level

The -l option configures authentication and encryption features to be used. In SNMP parlance this is known as Security Level. Valid values are:

  • noAuthNoPriv - no authentication and no encryption
  • authNoPriv - use authentication but no encryption
  • authPriv - use both authentication and encryption

SNMPv3 authentication protocol

SNMPv3 messages can be authenticated. The following authentication protocols can be chosen via the -a option:

ID Algorithm Reference
NONE
RFC3414
MD5 HMAC MD5 RFC3414
SHA HMAC SHA-1 128 RFC3414
SHA224 HMAC SHA-2 224 RFC7860
SHA256 HMAC SHA-2 256 RFC7860
SHA384 HMAC SHA-2 384 RFC7860
SHA512 HMAC SHA-2 512 RFC7860

SNMPv3 authentication key

SNMPv3 message authentication involves a shared secret key known to both SNMP parties engaged in message exchange. This secret authentication key (AKA as passphrase) can be conveyed via the -A option.

Note

SNMP authentication key must be at least eight octets long.

SNMPv3 encryption protocol

SNMPv3 messages can be encrypted (AKA as privacy). The following encryption protocols can be chosen via the -x option:

ID Algorithm Reference
NONE
RFC3414
DES DES RFC3414
AES AES CFB 128 RFC3826
AES192 AES CFB 192 RFC Draft
AES256 AES CFB 256 RFC Draft
AES192BLMT AES CFB 192 Blumenthal RFC Draft
AES256BLMT AES CFB 256 Blumenthal RFC Draft
3DES Triple DES EDE RFC Draft

SNMPv3 encryption key

SNMPv3 message encryption involves a shared secret key known to both SNMP parties engaged in message exchange. This secret encryption key (AKA as passphrase) can be conveyed via the -A option.

Note

SNMP encryption (e.g. privacy) key must be at least eight octets long.

SNMPv3 context engine ID

The -E option sets the context engineID used for SNMPv3 REQUEST messages scopedPdu, given as a hexadecimal string. If not specified, this will default to the authoritative engineID.

SNMPv3 engine ID

The -e option sets the authoritative (security) engineID used for SNMPv3 REQUEST messages, given as a hexadecimal string. It is typically not necessary to specify engine ID, as it will usually be discovered automatically.

SNMPv3 context name

The -n option sets the SNMPv3 context name to SNMPv3 REQUEST messages. The default is the empty string. SNMP context name is used to address a specific instance of SNMP managed objects behind a single SNMP agent.

SNMPv3 engine boots and time

The -Z option sets SNMP engine boot counter and its timeline values to SNMPv3 REQUEST message. These values are used for message authentication. It is typically not necessary to specify this option, as these values will usually be discovered automatically.

MIB options

Pre-load MIBs

You may want to pre-load some of the MIB modules to let the snmpwalk.py tool rendering SNMP responses in a more meaningful way.

The -m option specifies a colon separated list of MIB modules (not files) to load. The snmpwalk.py tool will first try to find pre-compiled pysnmp MIB files (by default in ~/.pysnmp/mibs in UNIX), then try to find required ASN.1 MIB file on local filesystem or on Web (by default it will look it up at http://mibs.snmplabs.com/asn1/). If ASN.1 MIB file is found, it will be compiled into pysnmp form and cached for future use.

The special keyword ALL is used to load all pre-compiled pysnmp MIB modules in the MIB directory search list.

MIB files search path

The -M option specifies a colon separated list of local directories and/or URLs pointing to remote HTTP/FTP servers where to search for MIBs.

Note

Default MIB search path is http://mibs.snmplabs.com/asn1/

Input options

The following one-letter options following the -I option modify the way how snmpwalk.py tool processes its input.

Interpret DISPLAY-HINT

The -Ih option disables snmpwalk.py’s attempt to parse input value or index as a DISPLAY-HINT-rendered value.

Output options

The following one-letter options following the -O option modify snmpwalk.py tool’s output.

Equal sign and type information

The -Oq option removes the equal sign (=) and SNMP value type information from the variable-binding being reported on stdout.

$ snmpget.py -v2c -c public -Oq demo.snmplabs.com sysDescr.0
SNMPv2-MIB::sysDescr.0 Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686
$
$ snmpget.py -v2c -c public demo.snmplabs.com sysDescr.0
SNMPv2-MIB::sysDescr.0 = DisplayString: Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686

Type information

The -OQ option removes the SNMP value type information from the variable-binding being reported on stdout.

$ snmpget.py -v2c -c public -OQ demo.snmplabs.com sysDescr.0
SNMPv2-MIB::sysDescr.0 = Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686
$
$ snmpget.py -v2c -c public demo.snmplabs.com sysDescr.0
SNMPv2-MIB::sysDescr.0 = DisplayString: Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686

Managed object path

The -Of option prints out the full path of the managed object in the MIB tree rather than MIB name and MIB object name (the default).

$ snmpget.py -v2c -c public -Of demo.snmplabs.com sysDescr.0
iso.org.dod.internet.mgmt.mib-2.system.sysDescr.0 = DisplayString: Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686

Managed object name

The -Os option prints out just managed object name (excluding MIB name) rather than MIB name and MIB object name (the default).

$ snmpget.py -v2c -c public -Os demo.snmplabs.com sysDescr.0
sysDescr.0 = DisplayString: Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686

Raw OID

The -On option prints out the raw object identifier (OID) rather than human friendly MIB object name:

$ snmpget.py -v2c -c public -On demo.snmplabs.com sysDescr.0
1.3.6.1.2.1.1.1.0 = DisplayString: Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686

Numeric enumerations

The -Oe option disables symbolic labels rendering for the enumeration values:

$ snmpget.py -v2c -c public -On demo.snmplabs.com IF-MIB::ifAdminStatus.1
1.3.6.1.2.1.2.2.1.7.1 = Integer32: 'up'
$
$ snmpget.py -v2c -c public -Oe demo.snmplabs.com IF-MIB::ifAdminStatus.1
IF-MIB::ifAdminStatus."1" = Integer32: 1

Break down table index

The -Ob option disables interpreting SNMP table indices and renders just raw OID instead:

$ snmpget.py  -v2c -c public -Ob demo.snmplabs.com TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389"
TCP-MIB::tcpConnState.195.218.254.105.45632.10.105.41.179.3389 = Integer32: 'established'
$
$ snmpget.py  -v2c -c public demo.snmplabs.com TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389"
TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389" = Integer32: 'established'

Escape table index quotes

The -OE includes extra escaped quotes surrounding SNMP table index parts. This can be useful when UNIX shell is in the processing pipeline.

$ snmpget.py  -v2c -c public -OE  demo.snmplabs.com TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389"
TCP-MIB::tcpConnState.\"195.218.254.105\".\"45632\".\"10.105.41.179\".\"3389\" = Integer32: 'established'

Brackets around table indices

The -OX option surrounds SNMP table index parts with square brackets instead of quotes (default):

$ snmpget.py  -v2c -c public -OX  demo.snmplabs.com TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389"
TCP-MIB::tcpConnState.[195.218.254.105].[45632].[10.105.41.179].[3389] = Integer32: 'established'

Hexified values

The -OT option ensures that rendered values are always in hex:

$ snmpget.py -v2c -c public -OT demo.snmplabs.com sysName.0
SNMPv2-MIB::sysName.0 = DisplayString: 6e 65 77 20 73 79 73 74 65 6d 20 6e 61 6d 65
$
$ snmpget.py -v2c -c public demo.snmplabs.com sysName.0
SNMPv2-MIB::sysName.0 = DisplayString: new system name

Rendering just values

The -Ov option removes managed object name from the rendered output:

$ snmpget.py -v2c -c public -Ov demo.snmplabs.com sysName.0
DisplayString: new system name

Units rendering

The -OU option disables units rendering:

$ snmpget.py -v2c -c public demo.snmplabs.com TCP-MIB::tcpRtoMin.0
TCP-MIB::tcpRtoMin.0 = Integer32: 200 milliseconds
$
$ snmpget.py -v2c -c public -OU  demo.snmplabs.com TCP-MIB::tcpRtoMin.0
TCP-MIB::tcpRtoMin.0 = Integer32: 200

Raw timeticks

The -Ot option disables TimeTicks values interpretation so that raw values get rendered:

$ snmpget.py -v2c -c public -Ot demo.snmplabs.com SNMPv2-MIB::sysORLastChange.0
SNMPv2-MIB::sysORLastChange.0 = TimeStamp: 143145968
$
$ snmpget.py -v2c -c public demo.snmplabs.com SNMPv2-MIB::sysORLastChange.0
SNMPv2-MIB::sysORLastChange.0 = TimeStamp: 16 days 13:37:44.82

Network options

Maximum retries

The -r option specifies how many times the snmpwalk.py tool should retry sending the same request packet till it gives up and reports failure. The value of zero means that just a single (initial) request will be send. The default value is 5.

Response timeout

The -t option specifies how many seconds the snmpwalk.py tool should wait for the initial request and for each retry to produce any response. Once the timeout is reached, the snmpwalk.py tool will either send a retry or fail. Default is one second.

GETNEXT options

The following one-letter options following the -C option modify the way how snmpwalk.py tool behaves. These options are mostly specific to snmpwalk.py’s operation logic.

Ensure increasing OIDs

The -Cc option disables the built-in check for ever increasing response OIDs. SNMP agent returning an out-of-order OID may cause infinite loop between SNMP agent and SNMP manager walking it.

Report time taken

The -Ct option makes snmpwalk.py reporting wall-clock time taken to complete SNMP agent walk.

Report responses count

The -Cp option makes snmpwalk.py reporting the total count of fetched and reported MIB objects during its walk.

Debugging options

Release information

The -V flag reports version information for the snmpwalk.py tool and its underlying libraries.

Debug mode

The -d option prints out raw SNMP packets in hex.

The -D option lets you debug one or more specific SNMP sub-systems. The required argument can be one or more (comma-separated) tokens:

  • io - report input/output activity and raw data being exchanged
  • dsp - report high-level SNMP engine operation
  • msgproc - report SNMP message processing subsystem operation
  • secmod - report SNMP security subsystem operation
  • mibbuild - report MIB files loading and processing
  • mibview - report MIB browser initialization and operation (manager role MIB use)
  • mibinstrum - report MIB instrumentation operation (agent role MIB use)
  • acl - report MIB access control subsystem operation
  • proxy - report built-in SNMP proxy operation
  • app - report SNMP standard application operation
  • all - all of the above (verbose!)

You can also negate the token by prepending it with the ! sign.

SNMP peer address

The first positional parameter specifies SNMP peer address on the network and, optionally, network protocol to use.

The network protocol can be either udp for UDP-over-IPv4 or udp6 for UDP-over-IPv6.

The network address is either IPv4 or IPv6 address or a fully qualified domain name optionally followed by a colon-separated port number. The default for port is 161.

MIB objects specification

The rest of positional parameters specify SNMP managed objects to walk by. Each object can be either:

  • [MIB-name::]object-name[.index[.index]…]
  • MIB-name
  • object-identifier

Note

The MIB object(s) specified are interpreted as a starting point for “walking” the SNMP agent. The SNMP agent will return zero or one next object past the one you’ve asked for.

When MIB name or object-name is referenced, the snmpwalk.py tool will try to locate and load the corresponding MIB module. The OID specification does not require MIB access.

$ snmpwalk.py -v2c -c public demo.snmplabs.com TCP-MIB::tcpRtoMin
TCP-MIB::tcpRtoMin.0 = Integer32: 200 milliseconds
$
$ snmpwalk.py -v2c -c public demo.snmplabs.com 1.3.6.1.2.1.6.2
1.3.6.1.2.1.6.2.0 = Integer32: 200 milliseconds
$
$ snmpwalk.py  -v2c -c public demo.snmplabs.com TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"
TCP-MIB::tcpConnState."195.218.254.105"."45632"."10.105.41.179"."3389" = Integer32: 'established'

If only MIB name is given, the first MIB object in that MIB will be taken as object name

$ snmpwalk.py -v2c -c public demo.snmplabs.com TCP-MIB::
TCP-MIB::tcpRtoAlgorithm.0 = Integer32: 'other'
TCP-MIB::tcpRtoMin.0 = Integer32: 200 milliseconds
...

You can query many MIB objects by a single SNMP GETNEXT request by specifying them all at the command line.

$ snmpwalk.py  -v2c -c public demo.snmplabs.com TCP-MIB:: IF-MIB::
TCP-MIB::tcpRtoAlgorithm.0 = Integer32: 'other'
IF-MIB::ifNumber.0 = Integer32: 2
TCP-MIB::tcpRtoMin.0 = Integer32: 200 milliseconds
IF-MIB::ifIndex."1" = InterfaceIndex: 1
...

The output MIB objects count is guaranteed to be a multiple of the requested MIB objects times the maximum number of response MIB objects for any of the request MIB objects that peer SNMP agent is able to serve.

SNMP GETNEXT examples

SNMPv1 GETNEXT example

The following command will send SNMP v1 GETNEXT message:

  • with SNMPv1, community ‘public’
  • to an Agent at demo.snmplabs.com:161
  • for MIB objects starting from SNMPv2-MIB::system and IF-MIB
snmpwalk.py -v1 -c public demo.snmplabs.com SNMPv2-MIB::system IF-MIB::

SNMPv2c GETNEXT example

The following command will send SNMP v2c GETNEXT message:

  • with SNMPv1, community ‘public’
  • to an Agent at demo.snmplabs.com:161
  • for MIB objects starting from SNMPv2-MIB::system and IF-MIB
snmpwalk.py -v2c -c public demo.snmplabs.com SNMPv2-MIB::system IF-MIB::

SNMPv3 GETNEXT example

The following command will send SNMP v3 GETNEXT message:

  • with SNMPv3, user ‘usr-md5-des’, MD5 authentication, DES encryption
  • to an Agent at demo.snmplabs.com:161
  • for MIB objects starting from SNMPv2-MIB::system and IF-MIB
snmpwalk.py -v3 -l authPriv -u usr-md5-des -A authkey1 -X privkey1 \
    demo.snmplabs.com SNMPv2-MIB::system IF-MIB::