SevOne

 View Only

Querying SNMP Objects Using No-Code/Low-Code Action Blocks

By Tim Greenside posted 6 days ago

  

Introduction

In the world of network management, Simple Network Management Protocol (SNMP) is the industry standard method used to allow the network management practitioner to ascertain the status of network devices, links, and components that comprise their network.

There are different practical use-cases that make it advantageous to query devices in order to return their performance and availability metric values (referred to as OID values), such as monitoring utilization status of a link, checking for error conditions, or retrieving availability status of a device or device component.  While there are network management products that are built to regularly poll devices for their OID values (such as IBM SevOne NPM), there are times when it makes sense to use automation to retrieve certain OID values in order to accomplish certain tasks, like adding descriptive metadata to a report, or identifying how many switch ports are available for use.

Background

SNMP represents components and their status values using a standard called Structure of Management Information (SMI) which is a subset of another standard known as Abstract Syntax Notation 1 (ASN.1). Essentially it defines a dotted-decimal string of Object ID (OID) values that represents sets or individual units of numeric or string data related to the device we are looking at.

Example MIB OID value tree using dot-notation:

If you want to retrieve the interface description (ifDescr) for a device, you will need to request the OID value from the device in question using SNMP protocol.

As an example, you will request the ifDescr value to be retrieved from the MIB-2 ifTable using the following dot-notation:

.1.3.6.1.2.1.2.2.1.2.<unique index number>

where the dot-notation numbers represent defined MIB tree well-known names:

  • iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).interfaces(2).ifTable(2).ifEntry(1).ifDescr(2)
  • Note: the <unique index number> referred to above is just that.  If you have three entries in a table, each will have its own index number usually starting with the number 1. This number is appended to the OID string of the object value you are looking to retrieve.

Automating the Retrieval of SNMP Data using IBM’s Rapid Infrastructure Automation (RIA) solution

IBM’s Rapid Infrastructure Automation (RIA) solution uses low-code/node code action blocks in a drag-and-drop interface to create automation workflows to accomplish various tasks.

When it comes to retrieving SNMP data, there are a couple of ways to go about this:

  • SNMPwalk action block;
  • SSH command action block, using the IBM SevOne NMS to issue a snmpwalk command.

There are benefits and nuances of using either method.

  • SNMPwalk action block method:
    • Performs the SNMPwalk directly from IBM RIA worker without requiring an SNMP proxy system
    • OID numeric dot-notation string is required to query (e.g. “1.3.6.1.2.1.2.2.1” to query ifTable)
    • OID index values displayed in numeric dot-notation style
    • OID string values represented by numeric values remain numeric values (less user friendly)
    • IBM RIA automation worker may not have network or ACL access to device (so maybe no result returned)
    • Within the IBM RIA interface, results are easy to iterate through and parse return values using JSON object notation (no/less formatting clean-up required)
  • SSH action block method:
    • Requires a NET-SNMP agent on the SSH host with MIB library to reference (like SevOne NMS has) to act as a SNMP proxy
    • Using MIB look-up (-M switch illustrated in command example below) you can use user-friendly names to request what you are after (e.g. “ifTable” to query ifTable)
    • OID index value output is displayed using user-friendly “mib name::oid name” style
    • OID string value output that is represented by numeric values is displayed using user-friendly “string(number)” notation
    • Using SSH, the SevOne NMS should have network and ACL access to devices (so you are sure to get a result)
    • You must supply the SSH command to perform your request:
      • (example)
        • podman exec -it nms-nms-nms /usr/bin/snmpwalk -M /usr/local/snmp/mibs -v2c -c ***** 10.0.0.10:161 ifTable
    • The result is returned as one big string block, so you need to use ARRAY and STRING formatting action blocks (split, etc.) to iterate through and format the resultSNMP ifTable

SNMPWalk action block result:

SNMP ifTable -- SSH command action block result:

A Practical Example – Port Status

An argument for using the SSH action block method:

If you are displaying OID values as metadata or want to determine which interfaces are “up” vs. “down”:

  • ifAdminStatus.1 is more meaningful to a user than “1.3.6.1.2.1.2.2.1.7.1”.
  • the value “up(1)” is more meaningful to a user than the value “1”.
  • the value “up(1)” is more meaningful to a user than the value “1”.

SSH output (more user-friendly output, but more formatting of output required within IBM RIA (splitting, array handling)):

SNMPwalk output (less user-friendly output, but easier to parse through results in IBM RIA):

Conclusion

A case can be made for using either method, depending on your circumstance:

  • SSH Action Block: For user-friendly output, if you have an IBM SevOne NMS system handy, use the SSH action block method due to the translation of numeric indexes and values into human readable string values.
  • SNMPwalk Action Block: If you don’t have an IBM SevOne NMS system or other SNMP proxy system available, while the output is more difficult to understand, use the SNMPwalk action block method so the IBM RIA worker can poll the device directly.

#TechnicalBlog
#Highlights-home
0 comments
17 views

Permalink