The Simple Network Man­age­ment Protocol (SNMP) is one of the es­tab­lished protocols for com­mu­nic­a­tion in computer networks. Various man­age­ment tools use this client-server protocol, released in 1990, to enable the user to centrally monitor and control all network devices such as routers, switches, or NAS systems. The snmpwalk and snmpget tools allow you to retrieve records from MIBs (Man­age­ment In­form­a­tion Bases) of selected SNMP agents that are installed by default on most Windows and Linux devices. What exactly these two ap­plic­a­tions can do and how they work is explained in this SNMP tutorial.

What’s behind the snmpwalk and snmpget tools?

The command line tools snmpwalk and snmpget are part of the Net-SNMP suite, which im­ple­ments and uses SNMP in IPv4 and IPv6 networks. The tool col­lec­tion is available for most UNIX and Linux systems (in the package manager) as well as for Microsoft Windows, whereby the func­tion­al­ity of the in­di­vidu­al ap­plic­a­tions can vary slightly from system to system. snmpwalk and snmpget are among the included solutions for re­triev­ing in­form­a­tion from SNMP-enabled devices using simple GET requests (snmpget) or multiple GETNEXT requests (snmpwalk).

Z4k1tjp5VZI.jpg To display this video, third-party cookies are required. You can access and change your cookie settings here.

snmpget: simple SNMP queries

The snmpget ap­plic­a­tion can be used to retrieve in­form­a­tion from a network sub­scriber via the Simple Network Man­age­ment Protocol. It uses the SNMP message type “GET”, which requests a specific record on the target system. For this purpose, the host (name or IP address), the community string or au­then­tic­a­tion in­form­a­tion (SNMPv3), and the ap­pro­pri­ate iden­ti­fic­a­tion number (Object Iden­ti­fi­er, OID) must be specified as arguments.

snmpget [options] [community string/authentication information] [host name/address] [object identifier]

snmpwalk: SNMP queries of complete MIBs

With the snmpwalk tool, you not only retrieve a specific data set on the targeted SNMP-enabled device, but also sub­sequent data sets (relevant for tables, for example). In order to query a complete in­form­a­tion tree like this (i.e. a complete MIB), snmpwalk uses messages from the “GETNEXT” type, which request in­form­a­tion from the agent until the end of the re­spect­ive MIB is reached. The syntax of snmpwalk does not differ from the simple queries with snmpget.

snmpwalk [options] [community string/authentification information] [host name/address] [OID]

SNMP tutorial: the most important snmpget and snmpwalk commands

As command line tools, snmpwalk and snmpget can be easily operated from the terminal or command prompt. If you have installed the Net-SNMP suite on your system, you can im­me­di­ately start querying the desired network in­form­a­tion by opening the re­spect­ive command line. We have sum­mar­ised some crucial commands for both programs in this SNMP tutorial.

Note

In­stall­a­tion packages for Net-SNMP can be found in the download area of the official website. Since the binary files for Windows are based on OpenSSL version 0.9.8r, the in­stall­a­tion does not work on systems that have installed version 1.0 or higher for com­pat­ib­il­ity reasons.

This is how data retrieval works with snmpget

To simplify the in­tro­duc­tion to snmpget and its pos­sib­il­it­ies, you can access the help menu as the first step. This lists the available para­met­ers including short ex­plan­a­tions and can be opened with the following command:

snmpget -h
Image: snmpget help menu in the Windows input prompt
Under “OPTIONS”, the snmpget help menu lists all available options for operating the tool, while the options listed under “General options” are used to specify the data set query.

What the command for a standard query of a selected record looks like depends primarily on the un­der­ly­ing protocol version. This is specified in the para­met­ers and de­term­ines whether the community string (SNMPv1 and SNMPv2c) or the re­spect­ive au­then­tic­a­tion method (au­th­No­Priv, authPriv, noAu­th­No­Priv) including the cor­res­pond­ing cre­den­tials (SNMPv3) follows. For example, to query whether a firmware update or an operating system update is available, type in one of the following five version-specific command options:

snmpget query via SNMPv1:

snmpget -v1 -c [Community string] [IP address of the host] [OID for update check]

snmpget query via SNMPv2:

snmpget -v2c -c [Community string] [IP address of the host] [OID for update check]

snmpget query via SNMPv3 (au­then­tic­a­tion, but no en­cryp­tion):

snmpget -v3 -l authNoPriv -u [user name] -a MD5 -A [MD5 hash of user password] [IP address of host] [OID for update check]

snmpget query via SNMPv3 (au­then­tic­a­tion and en­cryp­tion):

snmpget -v3 -l authPriv -u [user name] -a MD5 -A [user password] -x DES -X [DES password] [IP address of host] [OID for update check]

snmpget query via SNMPv3 (no au­then­tic­a­tion, no en­cryp­tion):

snmpget -v3 -l noAuthNoPriv -u [User name] [IP address of the host] [OID for update check]

The result of the query is a numeric value that informs you about the update status. For example, the value “1” indicates that an update is available, while the value “2” is presented if the firmware or operating system is already up to date. To better read and interpret the return values, download the required MIB on the computer you are using to perform the SNMP query, and copy the cor­res­pond­ing file to the /usr/share/snmp/mibs directory. Under Linux/UNIX, you can install an MIB down­load­er for this purpose, which supports you in this project.

sudo apt install snmp-mibs-downloader

How to query complete MIBs with snmpwalk

snmpwalk also gives you the pos­sib­il­ity to call up an overview of required and available para­met­ers. This help menu appears after entering the following command:

snmpwalk -h
Image: Windows prompt: snmpwalk options menu
To run the ap­plic­a­tions of the Net-SNMP suite, first change to the correct directory (by default usr/bin or usr\bin under Windows).

snmpwalk also hardly differs from snmpget when it comes to data retrieval. The main dif­fer­ence is the execution of the commands: While snmpget only returns a single value to the requested OID or displays an error message if no object behind the iden­ti­fic­a­tion number is available, snmpwalk also traverses all subnodes. For example, a detailed list of relevant system in­form­a­tion can be displayed if the iden­ti­fic­a­tion number of the cor­res­pond­ing MIB is known. As with simple GET requests, the required commands depend on the selected protocol version:

snmpwalk query via SNMPv1:

<p>snmpwalk -v1 -c [Community string] [IP address of the host] [OID of the system information MIB]</p>

snmpwalk query via SNMPv2:

snmpwalk -v2c -c -c [Community string] [IP address of host] [OID of system information MIB]

snmpwalk query via SNMPv3 (au­then­tic­a­tion, but no en­cryp­tion):

snmpwalk -v3 -l authNoPriv -u [User name] -a MD5 -A [User password] [IP address of host] [OID of system information MIB]

snmpwalk query via SNMPv3 (au­then­tic­a­tion and en­cryp­tion):

snmpwalk -v3 -l authPriv -u [User name] -a MD5 -A [User password] -x DES -X [DES password] [IP address of host] [OID of system information MIB]

snmpwalk query via SNMPv3 (no au­then­tic­a­tion, no en­cryp­tion):

snmpwalk -v3 -l noAuthNoPriv -u [User name] [IP address of the host] [OID of the system information MIB]

Summary: snmpwalk and snmpget for simple SNMP queries

snmpwalk and snmpget help you to retrieve desired network data via the Simple Network Man­age­ment Protocol. As part of the Net-SNMP suite, the two command line tools are quickly installed on your system and just as easy to use. This SNMP tutorial has shown how easy it is to control a single piece of in­form­a­tion or a complete block of in­form­a­tion, if you know the IP address of the SNMP agent and the re­spect­ive object iden­ti­fi­er.

Go to Main Menu