Как включить snmp в вашей операционной системе

how to enable snmp on your operating system

There are several things to consider when configuring SNMP for monitoring. The first and most important step is: Enable SNMP! How enabling SNMP works on computers and servers with Windows, Linux, and macOS operating systems is something we’ll show you in this article.

Be where thousands of Paessler PRTG users share their expertise! Join our LinkedIn group

  • Enabling SNMP on Windows
  • Enabling SNMP on Linux
  • Enabling SNMP on macOS

Для мониторинга серверов VMWare ESXi можно использовать стандартный протокол SNMP. В этой статье мы покажем, как включить и настроить агент SNMP на хостах VMWare ESXi 8.0 (статья подходит для всех версий ESXi, включая 6.7 и 7.0) и добавить их в вашу систему мониторинга.

Встроенный SNMP агент в ESXi можно настроить из командной строки esxcli или PowerShell модуль VMware PowerCLI, но не через графический интерфейса клиента vSphere.

In the late 1980’s, SNMP or the Simple Network Management Protocol first emerged as a solution for managing nodes within a network. Since then SNMP data has been used to measure the system performance of devices across countless vendors to help ensure that networks stay up and running.
Today SNMP is one of the most popular networking protocols in the world and snmpwalk has become a go-to method for scanning multiple nodes at once.

twitter-icon

email-icon

Networking and Cyber Security Specialist


Updated: July 3, 2024

twitter-icon

email-icon

Networking and Cyber Security Specialist


Updated: July 3, 2024

snmpwalk examples for Windows and Linux

The exact syntax for the snmpwalk command depends on the implementation that you are using. So, with the examples that you were advised to download above, the format of the command would be:

For Linux –

$ snmpwalk -v1 -c public 192.168.8.1

This uses SNMP v1 with the community string “public” and looks at the device with the IP address 192.168.8.1.

For Windows, that same query would be written as –

C:\Users\Laptop> snmpwalk -v:1 -r:192.168.8.1 -c:”public”

In that Windows version, you wouldn’t need to put in the -v:1 or -c:”public” parameters because these give the default values. So, if you missed those out, the command would use those values anyway.

Knowing that you are only going to get interesting information from a specific branch of the MIB tree, you can cut the scan short to skip directly to that part of the MIB.

On Linux, try:

$ snmpwalk -v1 -c public 192.168.8.1 .1.3.6.1.4.1.318

On Windows, you would type:

C:\Users\Laptop> snmpwalk -r:192.168.8.1 -os:.1.3.6.1.4.1.318

These two examples are for querying an APC device that has the IP address 192.168.8.1, so alter those numbers for your network.

I’m trying to change printer’s settings: DNS Server’s ipaddress.
In PowerShell it’s possible to recieve current value but trying to write it gives error.

PS C:\Users\user> get-module snmp

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Script     1.0.0.1    snmp                                {Get-SnmpData, Invoke-SnmpWalk, Set-SnmpData}
    
PS C:\Users\user> Get-SnmpData -Community 'private' -IP 10.25.59.143 -OID 1.3.6.1.4.1.1347.40.10.1.1.8.1
    
    OID                             Data
    ---                             ----
    .1.3.6.1.4.1.1347.40.10.1.1.8.1 10.25.83.11
    
    
    PS C:\Users\user> Set-SnmpData -IP 10.25.59.143 -Value "10.25.83.12" -Community 'private' -OID 1.3.6.1.4.1.1347.40.10.1.1.8.1 -ValueType IP
    WARNING: SNMP Set error: Exception when calling "Set" with "5" arguments: "error in response"

I’ve downloaded net-snmp-5.5.1 for Windows command line. The same picture. It’s possible to read but writing throws error.

C:\usr\bin>snmpget -v 1 -c private 10.25.59.143 "1.3.6.1.4.1.1347.40.10.1.1.8.1"
SNMPv2-SMI::enterprises.1347.40.10.1.1.8.1 = IpAddress: 10.25.83.11

C:\usr\bin>Snmpset -v 1 -c private 10.25.59.143 1.3.6.1.4.1.1347.40.10.1.1.8.1 a 10.25.83.12
Error in packet.
Reason: (noSuchName) There is no such variable name in this MIB.
Failed object: SNMPv2-SMI::enterprises.1347.40.10.1.1.8.1

Community value is correct and has permission to write.

How can I tell if SNMP is running in Linux?

Issue any standard SNMP command at the command line to see if the SNMP service is running. For example, use the snmpget -v

What is snmpwalk OID?

OID stands for “object identifier.” This is the code that identifies each node on the MIB tree. Therefore, a snmpwalk on OIDs is the same as a MIB walk.

How can I tell if SNMP is working in Windows?

To see if SNMP is running on a Windows computer:

  1. Scroll down the displayed list of services to find the SNMP entry. Its Status should be Running if it is working.

See also: Best SNMP Monitoring Tools

A note about the SNMP MIB structure

The MIB has a tree structure and there is no set width of branching at each node. The OID is a dot-notation system that shows the trail from the root node to the current node. Each node is represented by a number that has a meaning but you need a reference document to work out what each value means. The OID for a node includes the numbers of all the parent nodes above it. So, the OID shows a path down to a specific point on the MIB tree.

Not every node will be present because in some cases, a node has a series of possible child nodes, each of which represents a value option, for example, 1=Yes and 2=No, so that level of the tree wouldn’t have both the 1 and 2 nodes present because they are mutually exclusive.

Включить протокол SNMPv3 на VMware ESXI

Выше мы рассмотрели, как включить и настроить на хостах ESXi SNMP агент версии 1 и 2. Начиная с ESXi 5.1 поддерживается более современная и безопасная версия SNMP v3.

Включить поддержку протоколов аутентификации и шифрования для SNMP:

esxcli system snmp set -a SHA1 -x AES128

Сгенерируйте хэши для паролей аутентификации и шифрования (замените authpass1 и privhash1 на нужный пароль):

esxcli system snmp hash --auth-hash authpass1 --priv-hash privhash1 --raw-secret

esxcli: создать хэши snmp 3

Теперь нужно указать SNMP-таргет:

Вы можете удаленно проверить SNMP конфигурацию с помощью Linux утилиты snmpwalk:

snmpwalk тестировани snmp 3 на esxi

Теперь вы можете добавить ESXi хост в вашу систему мониторинга.

Например, Zabbix по умолчанию предлагает использовать мониторинг VMware ESXi через API (предустановленный шаблон) без использования SNMP.

После этого добавьте новый хост ESXi и настройте параметры доступа к нему через SNMPv3.

zabbix: добавить мониторинг snmp агента на vmware esxi

Parameters and Options for snmpwalk in Linux

hostname

The SNMP agent name

community

The type of read community

object_id

Specify an object ID to return all SNMP objects below it. If NULL then the root of the SNMP object is taken as the object_id

timeout

Number of microseconds before the first timeout

retries

How many times to retry the connection in the event of a timeout

-Os

Shows the last symbolic element of an OID

-c

Sets a community string

-v

Specifies the SNMP version you want to use

What’s Next?

Enabling SNMP on your operating system wasn’t so hard, was it? Configuring access from other servers to useful system parameters via SNMP might be harder. We will cover this topic in the next articles about SNMP on our blog. Stay tuned!

How to Minimize the Information You See With snmpwalk

One of the first things you’ll notice when running snmpwalk is that there are too many results for you to read. You can easily end up with thousands of different results. To get around this vendors help you by providing you with a MIB file. The MIB file is used to specify which OIDs are available on a device. Many vendors provide you with a MIB file for each device you have. Having a MIB file allows you to run a query that is specific to that file, rather than walking through everything.

See also: SMNP tools

How Does SNMP Work?

The snmpwalk command is a shorthand way to use multiple GETNEXT requests without having to type lots of different commands, fire off lots of different GETNEXT and view your infrastructure health. We look at some snmpwalk examples on Windows and Linux.

However, before we look at the snmpwalk command, we first need to look at how SNMP works. On SNMP-enabled devices, an SNMP agent collects information from the device and stores it within a Management Information Base (MIB) where this data is stored so that it can be accessed whenever the SNMP manager polls the SNMP agent.

When the SNMP Manager queries the SNMP agent, data is taken from the MIB and sent to the SNMP Manager where it can be viewed with a network monitoring tool. There are many different commands that you can use to query an SNMP agent. The most common ways are through the use of the GET or the GET-Next command.

The GET command is used to take an Object Identifier (OID) from the MIB. The GET-Next command is a little more advanced and goes through a MIB tree from OID to OID pulling information. This is where snmpwalk comes in.

What is a MIB walk?

A MIB is the SNMP Management Information Base. This is created through a reference code structure with each item having sub-nodes that are identified by the parent ID plus an extension. So, the MIB has a tree structure. A MIB walk is the process of working through a received MIB report and checking every code defined in the SNMP standard to see if it has an associated value.

What is snmpwalk?

SNMPwalk screenshot

The snmpwalk is issued to the root node of the sub-tree so that system information is gathered from every connected node. This provides you with an efficient way to collect information from a range of devices like routers and switches. The information you collect arrives in the form of OIDs. An OID is an object which is part of the MIB within an SNMP-enabled device.

Настройка параметров SNMP на хосте ESXi через PowerShell

Если вам нужно быстро настроить параметры SNMP на нескольких хостах ESXi, вы можете воспользоваться PowerShell скриптом:

Если у вас есть продвинутая лицензия VMWare Enterprise Plus, вы можете настроить параметр SNMP на ESXi хостах через Host Profiles (Policies and Profiles -> Host Profiles -> ваш профиль -> Other SNMP Agent Configuration).

Настройте здесь следующие опции:

  • Enable or Disable agent: выбрать
  • IP/UDP Port: 161
  • SNMP Community String: public
  • Notification Receiver: задайте адрес сервера мониторинга в формате 192.168.14.140@161/public

Настройка параметров SNMP агента через esxi host profiles

Enabling SNMP on macOS

Current macOS versions include SNMP by default. You can use the basic setup assistant to appropriately configure SNMP on your Mac:

  • Open a new terminal and use this command:
  • sudo snmpconf -g basic_setup

Configure read-only community access for SNMP v1/v2c by answering the setup questions and start the SNMP daemon:

  • sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

Best practice is to add your SNMP daemon to automatic startup to manage the macOS machine via SNMP in a comfortable way.

How snmpwalk operates

The snmpwalk function is like a crawler that steps down each branch of the tree as far as values are available. When it reaches the end of the line, it looks up one level to see whether there are other nodes available apart from the one that was just visited. Each of the nodes can have a variable extent – it is possible that one leads down several levels, another has only one node below it, and another is the end node of a line.

The root node has no number and all of the useful SNMP values are found below just one of the three nodes beneath root. This is the iso node, which is numbered 1. There is only one node beneath iso, which is the org node and it is numbered 3. Beneath the org node is only one node, which is dod (6). There is only one node beneath dod, which is called internet and it is numbered 1. The next level has four nodes, but if you are working with a LAN, all of your meaningful data will appear under private, which is number 4. Below this, you will find only one node: enterprise (number 1).

The top part of the MIB tree means that all useful MIB OIDs start with .1.3.6.1.4.1. If you are a regular investigator of SNMP data, you will remember .1.3.6.1.4.1 like your bank card PIN.

So, the industry has got together and assigned a number to each manufacturer. These are called Private Enterprise Numbers PENs) and the list is maintained by the Internet Assigned Numbers Authority (IANA). You can search the List of Private Enterprise Numbers at the IANA website.

So, if you are looking for data in a MIB from a switch created by Cisco Systems, the OIDs you will be looking at will all start with .1.3.6.1.4.1.9. For a device from APC, the OIDs with interesting information will all start with .1.3.6.1.4.1.318.

Installing snmpwalk in Windows

  1. Download a zip file from https://ezfive.com/snmpsoft-tools/snmp-walk/
  2. Unzip the README and executable file into an easy-to-reach location, such as your Desktop
  3. Locate the README file and open it with Notepad. This file shows the parameters for the command.
  4. Type cmd in the Start search bar and select Command PromptRun as Administrator

While the Linux command is snmpwalk, this version for Windows is capitalized as SnmpWalk. However, don’t worry about capitalization when running the program in Windows because the system is not case sensitive. You will see examples of usage that specifies the command SnmpWalk.exe. However, you don’t need to type the .exe part.

Parameters and Options for snmpwalk in Windows

The SnmpWalk command runs in a Command Prompt window and it has its own parameter invoking format. The takes the form of a dash, an identifier, a colon, and then a value. For example, -r:192.168.2.1 gives the IP address of a device to query. Some variables are switches and don’t need a value.

Here is a list of the variables for SnmpWalk:

Parameter Description Default
-q Quiet mode (suppress header; print variable values only)
-r:host Name or network address (IPv4/IPv6) of remote host
-p:port SNMP port number on remote host 161
-t:timeout SNMP timeout in seconds (1-600) 5
-v:version SNMP version. Supported version: 1, 2c or 3 1
-c:community SNMP community string for SNMP v1/v2c public
-ei:engine_id Engine ID. Format: hexadecimal string. (SNMPv3)
-sn:sec_name SNMP security name for SNMPv3
-ap:auth_proto Authentication protocol. Supported: MD5, SHA (SNMPv3)
-aw:auth_passwd Authentication password (SNMPv3)
-pp:priv_proto Privacy protocol. Supported: DES, IDEA, AES128, AES192, AES256, 3DES (SNMPv3)
-pw:priv_passwd Privacy password (SNMPv3)
-cn:cont_name Context name. (SNMPv3)
-ce:cont_engine Context engine. Format: hexadecimal string (SNMPv3)
-os:start_oid Object ID (OID) of first SNMP variable to walk 0.1
-op:stop_oid Object ID (OID) of last SNMP variable to walk Walk to the very last variable
-csv Output in CSV (Comma Separated Values) format

Some of the parameters can only be used with SNMP version 3. This requirement is noted in the entries for the relevant parameters in the above table.

Save Time with snmpwalk

The concept of snmpwalk seems complicated,  but it isn’t in reality. The snmpwalk command is simply a shorthand way to use multiple GETNEXT requests without having to type lots of different commands. With one snmpwalk command, you can fire off lots of different GETNEXT and view your infrastructure health.

If you’re using the snmpwalk command then it’s important to remember to cut down the amount of information you receive as much as possible. Specifying a MIB will allow you to see specific information rather than data collected from an entire database of object IDs!

By drawing SNMP data from devices throughout your network this way, you can make sure that you don’t miss anything important happening on your network. After all the snmpwalk command is there to help you pull SNMP data from devices in your network as efficiently as possible.

Are there any alternatives to SNMP?

SNMP is the only reporting standard that is universally implemented by network device manufacturers. There are some other reporting standards that some of the major device producers install as well. These include Netconf, which is available on Cisco devices – some other manufacturers install this as well. WMI is another option, but this is only available on devices that run Windows.

Using MIB with an SNMP agent

Our methodology for selecting MIB analyzers like snmpwalk

  • An interpreter for the OID structure of SNMP
  • A tool that includes a visual layout of the OID tree
  • A view that shows the OID value plus a description for each active node
  • A display of whether an OID node has a value or not
  • A graphical user interface that is easy to use
  • A free trial for a no-risk assessment
  • Value for money represented by useful functionality at a good price

SNMP agents collect network device information and store it in a Management Information Base (MIB) and become accessible to powerful SNMP tools.

ManageEngine SNMP MIB Browser

ManageEngine MibBrowser Free Tool

The SNMP MIB Browser from ManageEngine is a visual snmpwalk tool that will run in Windows and Linux.

  • SNMP Operations for retrieving and configuring information on a device
  • SNMP Walk retrieves a subtree of management values using the GET NEXT operation
  • MIB Loading allows the SNMP tools to properly interpret the data they retrieve.
  • Built in SNMP Trap receiver for spotting problems on the network
  • Table View makes it easier to understand and analyze the output
  • SNMP Device Simulation for testing SNMP functionality without a physical device

This is a great free alternative to the big network monitoring systems like PRTG if you just want to see the details in the MIB returned by a specific device. The MIB Browser can also query a series of devices and summarize their MIBs.

Pros:

  • Lets you query a specific device or a range of devices
  • Will run in Linux and Windows
  • Supports SNMP v1, v2, and v3
  • Can be set up to query and read MIBs continuously
  • Has an alert system that can be set up to trigger if a fail status is in a MIB
  • Will send alerts by email
  • Can parse MIBs

Cons:

  • Not a full network monitor

Download the free SNMP MIB Browser from ManageEngine.

PRTG MIB Agent

PRTG MIB browser interface

  • SNMP Monitoring: Monitors network devices using SNMP to ensure efficient performance.
  • MIB Import: Allows easy import of MIB files to extend monitoring capabilities.
  • Custom Alerts: Offers customizable alert settings for proactive issue resolution.
  • Scalable Architecture: Supports a range of network sizes, from small businesses to large enterprises.
  • Intuitive Interface: Features a user-friendly interface for easy setup and navigation.

Pros:

  • Comprehensive SNMP Support: Provides extensive SNMP monitoring for detailed network insights.
  • Ease of Use: The intuitive interface makes configuration and operation straightforward.
  • Customizable Alerts: Enables personalized alert settings to fit specific network requirements.
  • Scalability: Suitable for various network sizes, accommodating growth and changes.
  • MIB File Import: Easily extend monitoring by importing MIB files.

Cons:

  • Complex Initial Setup: Initial configuration may be challenging for users without prior experience.
  • Resource Intensive: Can be demanding on system resources, especially in larger networks.
  • Learning Curve: Users might face a steep learning curve to fully utilize advanced features.

Download the free PRTG MIB browser from Paessler.

Enabling SNMP on Windows

Step 1: Install SNMP

Installing and configuring the SNMP service on the different Windows client and server versions mostly works the same way. You can do it using GUI (Graphical Unit Interface) or via PowerShell. We will show you both methods.

On Windows versions older than Windows 8 and Windows Server 2012, it is already installed. For Windows 8, Windows 10, Windows 11, Windows Server 2012, Windows Server 2016, Windows Server 2019 and Windows Server 2022 you will have to install the SNMP service first. 

If you are running Windows 7, Windows 8/8.1, or Windows 10 up to version 1804, you can enable SNMP via Control Panel. Here’s how:

  1. Right on the Start Menu and then click Programs and Features.
  2. On the left side click on Turn Windows features on or off.
  3. Select Simple Network Management Protocol (SNMP) to install it and then click OK. 01-enabling-snmp-on-windows-add-windows-feature

Your SNMP is installed, and you need to configure it.


If you are running Windows 10 version 1809 and onwards, or Windows 11, you can install SNMP only via PowerShell and not through Control Panel. This change was implemented because Microsoft deprecated SNMP and removed it from Control Panel. However, they still provide an option to install it via PowerShell.

  1. Run PowerShell as Administrator
  2. Type Add-WindowsCapability -Online -Name “SNMP.Client~~~~0.0.1.0“ and press Enter to install SNMP. 02-enabling-snmp-on-windows-add-snmp-powershell

That’s it. You successfully installed SNMP.


If you are running Windows Server 2012 R2 and onwards, including Windows Server 2022, you can install SNMP using PowerShell (similarly to Windows) or through Server Manager (GUI). In this guide, we will demonstrate how to do it using the GUI interface.

  1. Open Server Manager.
  2. Click on Add roles and features
    03-enabling-snmp-on-windows-server-manager-gui
  3. Under Before you begin, click Next.
  4. Under Select installation type, select Role-based or feature-based installation and click Next.
  5. Under Select destination server, click Next.
  6. Under Select server roles, click Next.
  7. Under Select features, select SNMP Service, and then confirm by clicking on Add Features.
    04-enabling-snmp-on-windows-server-add-feature
  8. Click Next and then, Install.

That’s it! You have successfully installed SNMP on Windows Server 2022.


Step 2: Configure SNMP

  1. Open the Services applet by searching for “services.msc” or entering it in the Run command.
  2. Navigate to SNMP Service, right click and select Properties.
  3. Under General, choose Automatic as startup type to have the service always running, even after turning your computer off and on again.
    05-enabling-snmp-on-windows-configure-snmp-service
  4. Navigate to the Agent tab and check if all services listed have enabled SNMP values available.
    06-enabling-snmp-on-windows-configure-snmp-agent
  5. Navigate to the Security tab and configure SNMP settings, including the community string and the IP/host filter list, according to your security compliance requirements. For example, add the community name “public” with READ ONLY rights and allow SNMP packets from at least the address of your monitoring server.
    07-enabling-snmp-on-windows-configure-snmp-security

That’s it! You have successfully configured SNMP on your Windows machine.


Don't really know your way around monitoring with SNMP?  Our four-part course on how to use SNMP for network monitoring and its  advantages will help you improve your network operations. Free email course

Enabling SNMP on Linux

Now look at how you can enable SNMP on Linux. We describe the setup process for Ubuntu, Debian, CentOS and OpenSuse.

In the first step you need to install the SNMP deamon

Ubuntu/Debiansudo apt-get install snmp snmpd snmp-mibs-downloader
CentOSSudo dnf install net-snmp
OpenSuseZypper install net-snmp snmp-mibs

You will now find the SNMP configuration in . Make a backup of the original configuration file and open with an editor. Now set the community string.

Ubuntu/Debian
CentOScom2sec default public
OpenSuse

is the default community string that most SNMP devices listen to. Of course you can also choose a string individually. The only important thing is that the string is also the same on the devices to be queried.

If you are using OpenSuse, the snmpd service may not be activated and started by default. In this case, activate the snmpd service so it will start on system boot with the command: systemctl enable snmpd. Then start the service with the command systemctl start snmpd.

For other Linux distributions you might have to adjust the steps mentioned above slightly.


Installing snmpwalk in Linux

  • Redhat/Fedora/CentOs:
    yum install net-snmp-utils
  • Ubuntu:
    apt-get install snmp

Настройка файервола ESXi для SNMP трафика

Вы можете разрешить трафик SNMP в файерволе хоста ESXi двумя способами. Чтобы разрешить получение SNMP запросов от любых устройств в сети:

esxcli network firewall ruleset set --ruleset-id snmp --allowed-all true
esxcli network firewall ruleset set --ruleset-id snmp --enabled true

Либо вы можете разрешить входящий трафик только от конкретного IP адреса вашего сервера мониторинга, или определенной IP подсети, в которой находятся ваши SNMP сервера:

esxcli network firewall ruleset set --ruleset-id snmp --allowed-all false

esxcli network firewall ruleset allowedip add --ruleset-id snmp --ip-address 192.168.1.0/24
esxcli network firewall ruleset set --ruleset-id snmp --enabled true

Теперь вы можете мониторить ваши ESXi сервера.

Включить и настроить службу SNMP Server в VMWare ESXi

Откройте веба интерфейса ESXi Host client и запустите службу SNMP Serer (snmpd): ESXi хост -> Manage -> Services -> SNMP Server (по умолчанию служба остановлена).

Включить службу SNMP Server в vmware esxi

Включите SSH доступ на ESXi хосте и подключитесь к нему с помощью ssh-клиента (я использую встроенный OpenSSH клиент Windows).

Вывести текущие настройки SNMP:

esxcli system snmp get

esxcli system snmp get - проверка настроек snmp в esxi

SNMP не настроен: все параметры пустые, агент отключен:

Authentication: Communities: Enable: false Engineid:  

Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: Users: V3targets:

Зададим адрес сервера мониторинга (SNMP target), порт (по умолчанию 161 UDP) и имя SNMP community (обычно public):

Если разрешить доступ для нескольких хостов мониторинга, укажите из через запятую:

Задать имя community можно так:

esxcli system snmp set --communities YOUR_COMMUNITY_STRING

Дополнительно можно указать местоположение:

esxcli system snmp set --syslocation "Серверная Дуб. 22, МСК, RU"

esxcli system snmp set --enable true

Чтобы протестировать конфигурацию SNMP:
esxcli system snmp test

esxi cli: включить и протестировать настройки snmp

Для применения настроек перезапустите службу SNMP командой:

snmpd restart перезапуск службы snmp

Чтобы сбросить текущие настройки, выполните:

esxcli system snmp set –r

Для отключения SNMP, выполните:

esxcli system snmp set --disable true

:/>  Синхронизировать время на компьютере с интернетом cmd

Оставьте комментарий