2

Is there a correct/better way of determining the correct OID to use for SNMP monitoring?

I was able to download the MIB directly from the device, but I am lost on finding the correct OID from the list of hundreds of OIDs. All forums that I've come across have a different model OID, or simply say "use the OID and you'll be good" without details...

Steps Taken

  • downloaded the MIB from the device
  • Verified I could ping the device
  • Verified I could run snmpwalk on the device (NOTE I am not familiar with all features and usage of snmpwalk)
confoundr
  • 347
  • 3
  • 8
  • 18
  • Ask yourself what you want to monitor. All the steps you've taken have proved something (network OK, SNMP agent OK), then what else do you need? – Lex Li Jul 05 '19 at 20:15
  • Thank you. It's temperature specifically. The OID for high and low temperature range values do not appear to be giving me any data back: ```.iso.org.dod.internet.private.enterprises.netBotzAPC.netBotz.netBotzTraps.netBotzSensorTraps.netBotzTempSensorTraps.netBotzTempSensorTraps-0.netBotzTempTooHigh```,```.1.3.6.1.4.1.5528.100.10.2.1.0.2```. – confoundr Jul 05 '19 at 21:48
  • Such are vendor dependent and only the device vendor can tell you which is the right way to go. – Lex Li Jul 06 '19 at 05:13

2 Answers2

2

From my experience, sadly no, I had to get the MIB and try to find in them the correct thing I need to query. (I used a simple mib browser)

For the OID you found, temperature too high, be sure it’s not a boolean value that set it at on/1 when it trigger, it could explain why you read nothing if the device is operating under normal temperature.

Sadly OID usage and documentation is underated online and not popular. I used to create monitoring templates inside a monitoring tool for unknown device from the tool, and I was seen as a black magic user to do so..

The only tip I can tell is watch for the return value, some are string even if they are wrote as a number, and other are simply integer.

yagmoth555
  • 16,300
  • 4
  • 26
  • 48
  • From your feed back it seems like I would need an MIB browser, check the OID's values for what I find in the MIB browser, and then choose the OID based on if I think the value matches. Are there any tools you would recommend? It all does seem like black magic as there doesn't seem to be a straight answer here. – confoundr Jul 09 '19 at 00:04
  • 2
    I ended up using the MIB Browser, was able to chart the status of a temp OID to see the status and then trigger the high temp error by changing tempurature range values/alerts on the device itself: https://www.ks-soft.net/hostmon.eng/mibbrowser/index.htm – confoundr Jul 18 '19 at 22:25
  • 2
    Just found this thread and have downloaded the mibbrowser after spending a day looking for a tool like this. It does exactly what I needed it to do. Amazing that this sort of resource is so scarce. I downloaded the MIB directly from the device. Matching the MIB with an OID was virtually impossible until I saw this post. Thanks guys. – Hoppo Jun 18 '20 at 16:19
1

While a MIB browser can indeed help, you can do a lot of parsing with the NET-SNMP snmptranslate command. There are quite a few options, so consult its man page, but here are a couple of examples.

Let's say I have downloaded MIBs for a Synology device and want to monitor it. I can use snmptranslate to take a peek in the MIBs in a more user-friendly way than just reading the raw MIB file.

To start, I will check out SYNOLOGY-SYSTEM-MIB.txt I have downloaded.

  • Let's find out the actual name of the MIB. Sometimes it is the same as the name of the MIB file, but not always. Statement DEFINITIONS is used to define the name of the MIB.

     $ grep DEFINITIONS SYNOLOGY-SYSTEM-MIB.txt
 SYNOLOGY-SYSTEM-MIB DEFINITIONS ::= BEGIN

    So now I know that the MIB is called SYNOLOGY-SYSTEM-MIB.

  • Next, I will look inside to find the top OID defined in it:

    $ grep MODULE-IDENTITY SYNOLOGY-SYSTEM-MIB.txt
enterprises, MODULE-IDENTITY, OBJECT-TYPE, Integer32
synoSystem MODULE-IDENTITY

    The last line is the intersting one, specifically synoSystem. This is the top OID which I can now use to get the structure of the MIB.

  • When polling an OID in text form, MIB::OID notation should be used. This is so snmp command knows which MIB to use to translate the OID into numerical form which agents understand (very similar to the principle of DNS translation):

    $ snmptranslate -Tp SYNOLOGY-SYSTEM-MIB::synoSystem

    And the output is:

    +--synoSystem(1)
   +-- -R-- Integer32 systemStatus(1)
   |        Range: 1..2
   +-- -R-- Integer32 temperature(2)
   +-- -R-- Integer32 powerStatus(3)
   |        Range: 1..2
   |
   +--fan(4)
   |  |
   |  +-- -R-- Integer32 systemFanStatus(1)
   |  |        Range: 1..2
   |  +-- -R-- Integer32 cpuFanStatus(2)
   |           Range: 1..2
   |
   +--dsmInfo(5)
   |  |
   |  +-- -R-- String    modelName(1)
   |  +-- -R-- String    serialNumber(2)
   |  +-- -R-- String    version(3)
   |  +-- -R-- Integer32 upgradeAvailable(4)
   |           Range: 1..5
   |
   +--systemConformance(6)
      |
      +--systemCompliances(1)
      |  |
      |  +--systemCompliance(1)
      |
      +--systemGroups(2)
         |
         +--systemGroup(1)

  • Now, let's say that I am interested in OID upgradeAvailable so that I can tell when I can upgrade the DSM on this box. I can find more details about it by running:

      $ snmptranslate -Td SYNOLOGY-SYSTEM-MIB::upgradeAvailable

    And the output is:

      SYNOLOGY-SYSTEM-MIB::upgradeAvailable
  upgradeAvailable OBJECT-TYPE
    -- FROM       SYNOLOGY-SYSTEM-MIB
    SYNTAX        Integer32 (1..5)
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION   "This oid is for checking whether there is a latest DSM can be upgraded.
           Available(1): There is version ready for download.
           Unavailable(2): The DSM is latest version.
           Connecting(3): Checking for the latest DSM.
           Disconnected(4): Failed to connect to server.
           Others(5): If DSM is upgrading or downloading, the status will show others."
  ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) synology(6574) synoSystem(1) dsmInfo(5) 4 }

    So now when I actually poll the device, I know I am running the latest DSM:

      $ snmpwalk <snmp parameters> <device> SYNOLOGY-SYSTEM-MIB::upgradeAvailable
  SYNOLOGY-SYSTEM-MIB::upgradeAvailable.0 = INTEGER: 2

Hope this helps someone.

NSD
  • 21
  • 2