https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81476#M16819 <P>Here is a simple quick and dirty prototype of an snmp manager I've written using pysnmp.</P> <P><PRE><CODE><BR /> from pysnmp.entity import engine, config<BR /> from pysnmp.carrier.asynsock.dgram import udp<BR /> from pysnmp.entity.rfc3413 import cmdgen<BR /> from pysnmp.smi import builder, view, error<BR /> from time import localtime, strftime<BR /> import sys, os </CODE></PRE></P> <H1>parses response from getoidval</H1> <P>def cbFun(sendRequestHandle, errorIndication, errorStatus, errorIndex,varBinds, cbCtx): <BR /> cbCtx['errorIndication'] = errorIndication<BR /> cbCtx['errorStatus'] = errorStatus<BR /> cbCtx['varBinds'] = varBinds <BR /> return 1 # will countine if using bulk or next</P> <H1>gets oid and value</H1> <P>def getoidval(agentname, params, communitystr, targetadd, targetport, targetoid):<BR /> snmpEngine = engine.SnmpEngine()<BR /> #transport and snmpv2 setup<BR /> config.addV1System(snmpEngine, agentname, communitystr)<BR /> config.addTargetParams(snmpEngine, params, agentname, 'noAuthNoPriv', 1)<BR /> config.addTargetAddr( snmpEngine, targetname, config.snmpUDPDomain,(targetadd, targetport), params)<BR /> config.addSocketTransport(snmpEngine,config.snmpUDPDomain,udp.UdpSocketTransport().openClientMode())<BR /><BR /> #test = cmdgen.NextCommandGenerator().sendReq(snmpEngine, targetname, ((targetoid, None),), cbFun)<BR /> cbCtx = {}<BR /> cmdgen.GetCommandGenerator().sendReq(snmpEngine, targetname, ((targetoid, None),), cbFun, cbCtx)</P> <PRE><CODE>snmpEngine.transportDispatcher.runDispatcher() return cbCtx </CODE></PRE> <H1>generates tsv file for all oid give for target</H1> <P>def gensnmbtsv(agentname, params, communitystr, targetadd, targetport, lstoid,basepath, filename):<BR /> mibView = view.MibViewController(mibBuilder)<BR /> lstreturn = []<BR /> localdate = strftime("_%Y-%m%d", localtime())<BR /> timestamp = strftime("%Y-%m-%d\t%H:%M\t",localtime())<BR /> header = 'date time\t'<BR /> value = timestamp<BR /> tsvname = basepath + filename + localdate + '.tsv'<BR /> errname= basepath + filename + 'Err.log'<BR /> for targetoid in lstoid:<BR /><BR /> dictoidval = {}<BR /> returnoid = getoidval(agentname, params, communitystr, targetadd, targetport, targetoid)<BR /> if returnoid['errorIndication']:<BR /> errfile = open(errname, 'a')<BR /> errfile.write(timestamp+str(returnoid['errorIndication']) + '\n')<BR /> print str(returnoid['errorIndication'])<BR /> errfile.close()<BR /> sys.exit(12)<BR /> elif returnoid['errorStatus']:<BR /> errfile = open(errname, 'a')<BR /> errfile.write(timestamp+str(returnoid['errorStatus']) + '\n')<BR /> print str(returnoid['errorStatus'])<BR /> errfile.close()<BR /> sys.exit(12)<BR /> else:<BR /> try:<BR /> oid, labels, suffix = mibView.getNodeName(returnoid['varBinds'][0][0])<BR /> dictoidval[labels[-1]] = str(returnoid['varBinds'][0][1])<BR /> lstreturn.append(dictoidval)<BR /> except:<BR /> print 'Unable to find label associated with oid. Make sure you have loaded all necessary .py MIB definitions. This can done by using builder.MibBuilder().loadModules.'<BR /> sys.exit(12)<BR /> for i in range(len(lstreturn)):<BR /> header += lstreturn[i].keys()[0] + '\t'<BR /> value += lstreturn[i].values()[0] + '\t'<BR /> tsvfile = basepath + filename + localdate<BR /> if not (os.path.exists(tsvname)):<BR /> tsvfile =open(tsvname, 'w')<BR /> tsvfile.write(header.lower() + '\n' + value +'\n')<BR /> tsvfile.close()<BR /> else:<BR /> tsvfile =open(tsvname, 'a')<BR /> tsvfile.write(value + '\n')<BR /> tsvfile.close()</P> <H1>Main</H1> <H1>########################</H1> <H1>Set alternative location of mib sources and loads mibs</H1> <P>mibsource = '&lt;pysnmpMibDir&gt;/mib'<BR /> mibBuilder = builder.MibBuilder()<BR /> mibPath = mibBuilder.getMibSources() + (builder.DirMibSource(mibsource),)<BR /> mibBuilder.setMibSources(*mibPath)<BR /> mibBuilder.loadModules('MSFT-MIB','WINDOWS-NT-PERFORMANCE','SNMPv2-TC','RFC1213-MIB','RFC1155-SMI','RFC1158-MIB','RFC1354-MIB','MSFT-MIB','WINS-MIB','InternetServer-MIB','HTTPSERVER-MIB')</P> <P>agentname = ''<BR /> params = ''<BR /> targetname = ''<BR /> communitystr = ''<BR /> targetadd = ''<BR /> targetport = 161<BR /> lstoid = ['1.3.6.1.4.1.311.1.7.3.1.14.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.15.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.16.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.17.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.18.0',]<BR /> basepath = '&lt;script path/python/snmp/&gt;' # Where error and out put wil be placed<BR /> filename = '&lt;somename&gt;' # file will be a tsv with current data appended</P> <P>gensnmbtsv(agentname, params, communitystr, targetadd, targetport, lstoid,basepath, filename)</P> <P>sys.exit(0)<BR /> </P> Thu, 20 Sep 2012 21:20:27 GMT bmacias84 2012-09-20T21:20:27Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81472#M16815 <P>I am looking for resources on how to poll e.g. Cisco ASA firewalls via snmp (snmpget) from Splunk. I would like to pull things like interface usage, RAM usage, CPU usage etc, anything that can be gathered via SNMP. </P> <P>Is it something along the lines of scripting snmpgets, writing output into a file on the splunk server and then pulling the data out?</P> <P>Does anyone have any good examples for this?</P> Thu, 14 Apr 2011 05:30:20 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81472#M16815 splunker30039 2011-04-14T05:30:20Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81473#M16816 <P>I don't have a good example, but yes it's fundamentally how you describe it - define a scripted input into Splunk that runs your script to do the various <CODE>snmpget</CODE> commands and format their output.</P> <P>One thing to consider might be that Cisco has always been a little skimpy in their PIX/ASA MIBS. The stuff you're looking for might not be available via SNMP - but you could always resort to something like expect.</P> Thu, 14 Apr 2011 06:53:36 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81473#M16816 dwaddle 2011-04-14T06:53:36Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81474#M16817 <P>I could need some pointers on how to do that, tbh. Thanks.</P> Thu, 14 Apr 2011 08:40:08 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81474#M16817 splunker30039 2011-04-14T08:40:08Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81475#M16818 <P>This is something that I'll try to look into when I have time.</P> Fri, 15 Apr 2011 05:01:49 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81475#M16818 dwaddle 2011-04-15T05:01:49Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81476#M16819 <P>Here is a simple quick and dirty prototype of an snmp manager I've written using pysnmp.</P> <P><PRE><CODE><BR /> from pysnmp.entity import engine, config<BR /> from pysnmp.carrier.asynsock.dgram import udp<BR /> from pysnmp.entity.rfc3413 import cmdgen<BR /> from pysnmp.smi import builder, view, error<BR /> from time import localtime, strftime<BR /> import sys, os </CODE></PRE></P> <H1>parses response from getoidval</H1> <P>def cbFun(sendRequestHandle, errorIndication, errorStatus, errorIndex,varBinds, cbCtx): <BR /> cbCtx['errorIndication'] = errorIndication<BR /> cbCtx['errorStatus'] = errorStatus<BR /> cbCtx['varBinds'] = varBinds <BR /> return 1 # will countine if using bulk or next</P> <H1>gets oid and value</H1> <P>def getoidval(agentname, params, communitystr, targetadd, targetport, targetoid):<BR /> snmpEngine = engine.SnmpEngine()<BR /> #transport and snmpv2 setup<BR /> config.addV1System(snmpEngine, agentname, communitystr)<BR /> config.addTargetParams(snmpEngine, params, agentname, 'noAuthNoPriv', 1)<BR /> config.addTargetAddr( snmpEngine, targetname, config.snmpUDPDomain,(targetadd, targetport), params)<BR /> config.addSocketTransport(snmpEngine,config.snmpUDPDomain,udp.UdpSocketTransport().openClientMode())<BR /><BR /> #test = cmdgen.NextCommandGenerator().sendReq(snmpEngine, targetname, ((targetoid, None),), cbFun)<BR /> cbCtx = {}<BR /> cmdgen.GetCommandGenerator().sendReq(snmpEngine, targetname, ((targetoid, None),), cbFun, cbCtx)</P> <PRE><CODE>snmpEngine.transportDispatcher.runDispatcher() return cbCtx </CODE></PRE> <H1>generates tsv file for all oid give for target</H1> <P>def gensnmbtsv(agentname, params, communitystr, targetadd, targetport, lstoid,basepath, filename):<BR /> mibView = view.MibViewController(mibBuilder)<BR /> lstreturn = []<BR /> localdate = strftime("_%Y-%m%d", localtime())<BR /> timestamp = strftime("%Y-%m-%d\t%H:%M\t",localtime())<BR /> header = 'date time\t'<BR /> value = timestamp<BR /> tsvname = basepath + filename + localdate + '.tsv'<BR /> errname= basepath + filename + 'Err.log'<BR /> for targetoid in lstoid:<BR /><BR /> dictoidval = {}<BR /> returnoid = getoidval(agentname, params, communitystr, targetadd, targetport, targetoid)<BR /> if returnoid['errorIndication']:<BR /> errfile = open(errname, 'a')<BR /> errfile.write(timestamp+str(returnoid['errorIndication']) + '\n')<BR /> print str(returnoid['errorIndication'])<BR /> errfile.close()<BR /> sys.exit(12)<BR /> elif returnoid['errorStatus']:<BR /> errfile = open(errname, 'a')<BR /> errfile.write(timestamp+str(returnoid['errorStatus']) + '\n')<BR /> print str(returnoid['errorStatus'])<BR /> errfile.close()<BR /> sys.exit(12)<BR /> else:<BR /> try:<BR /> oid, labels, suffix = mibView.getNodeName(returnoid['varBinds'][0][0])<BR /> dictoidval[labels[-1]] = str(returnoid['varBinds'][0][1])<BR /> lstreturn.append(dictoidval)<BR /> except:<BR /> print 'Unable to find label associated with oid. Make sure you have loaded all necessary .py MIB definitions. This can done by using builder.MibBuilder().loadModules.'<BR /> sys.exit(12)<BR /> for i in range(len(lstreturn)):<BR /> header += lstreturn[i].keys()[0] + '\t'<BR /> value += lstreturn[i].values()[0] + '\t'<BR /> tsvfile = basepath + filename + localdate<BR /> if not (os.path.exists(tsvname)):<BR /> tsvfile =open(tsvname, 'w')<BR /> tsvfile.write(header.lower() + '\n' + value +'\n')<BR /> tsvfile.close()<BR /> else:<BR /> tsvfile =open(tsvname, 'a')<BR /> tsvfile.write(value + '\n')<BR /> tsvfile.close()</P> <H1>Main</H1> <H1>########################</H1> <H1>Set alternative location of mib sources and loads mibs</H1> <P>mibsource = '&lt;pysnmpMibDir&gt;/mib'<BR /> mibBuilder = builder.MibBuilder()<BR /> mibPath = mibBuilder.getMibSources() + (builder.DirMibSource(mibsource),)<BR /> mibBuilder.setMibSources(*mibPath)<BR /> mibBuilder.loadModules('MSFT-MIB','WINDOWS-NT-PERFORMANCE','SNMPv2-TC','RFC1213-MIB','RFC1155-SMI','RFC1158-MIB','RFC1354-MIB','MSFT-MIB','WINS-MIB','InternetServer-MIB','HTTPSERVER-MIB')</P> <P>agentname = ''<BR /> params = ''<BR /> targetname = ''<BR /> communitystr = ''<BR /> targetadd = ''<BR /> targetport = 161<BR /> lstoid = ['1.3.6.1.4.1.311.1.7.3.1.14.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.15.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.16.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.17.0',<BR /> '1.3.6.1.4.1.311.1.7.3.1.18.0',]<BR /> basepath = '&lt;script path/python/snmp/&gt;' # Where error and out put wil be placed<BR /> filename = '&lt;somename&gt;' # file will be a tsv with current data appended</P> <P>gensnmbtsv(agentname, params, communitystr, targetadd, targetport, lstoid,basepath, filename)</P> <P>sys.exit(0)<BR /> </P> Thu, 20 Sep 2012 21:20:27 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81476#M16819 bmacias84 2012-09-20T21:20:27Z https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81477#M16820 <P>Check out this new add-on : <A href="http://splunk-base.splunk.com/apps/88686/snmp-modular-input">http://splunk-base.splunk.com/apps/88686/snmp-modular-input</A></P> Tue, 28 May 2013 21:24:04 GMT https://community.splunk.com/t5/Getting-Data-In/snmpget-snmptrap-Splunk-and-SNMP-polling/m-p/81477#M16820 Damien_Dallimor 2013-05-28T21:24:04Z