How to use snmpwalk:

• from a Discovery appliance (On Prem only)?
• from an Outpost (On Prem and Helix Discovery)?

1- From Discovery Appliance (On Prem only)

• • Open an ssh session (tideway user)
  • Execute the command below, where <DeviceIP> or "x.x.x.x" is the ip of the endpoint to capture and <COMMUNITY> is the community string:

/usr/tideway/snmp++/bin/snmpWalk <DeviceIP> -v2c -C<COMMUNITY>

For a list of available options and usage notes, run "./snmpWalk --help". These undocumented options are also available: "-sl1" for noAuthNoPriv, and "-sl2" for authNoPriv.

Examples for:

- SNMP v1: 

/usr/tideway/snmp++/bin/snmpWalk x.x.x.x  -v1 -Cpublic

- SNMP V2c : 

/usr/tideway/snmp++/bin/snmpWalk x.x.x.x -v2c -Cpublic

- SNMP V3 : 

/usr/tideway/snmp++/bin/snmpWalk x.x.x.x '1.3.6.1.2.1.17.4.3.1' -v3 -snMySecName -sl2 -authMD5 -uaMyPassword
/usr/tideway/snmp++/bin/snmpWalk x.x.x.x '1.3.6.1.2.1.17.4.3.1' -v3 -snMySecName -sl3 -authSHA -ua'My$#!Password' -privDES  -up'My$#!PrivateKey'

The security name can be written -snMySecName or -sn'MySecName'

The keys containing special characters like $#! must be quoted. For example: -ua'My$#!Password'.

The output can also be redirected to a file, for example: 

/usr/tideway/snmp++/bin/snmpWalk x.x.x.x -v2c -Cpublic >> snmpwalk.txt

Note: Other commands available in this library include snmpBulk, snmpGet, and snmpNext.

2- From Outpost:

Either:

- Download snmpwalk from https://ezfive.com/snmpsoft-tools/snmp-walk/ and execute SnmpWalk.exe
- Download snmpget from https://ezfive.com/snmpsoft-tools/snmp-get/ and execute SnmpGet.exe

Examples for:

- SNMP v2:

C:\snmp\SnmpWalk.exe -r:x.x.x.x  -p:161 -v:2c -c:public
C:\snmp\SnmpGet.exe -r:x.x.x.x -o:1.3.6.1.2.1.17.4.3.1 -p:161 -v:2c -c:public

- SNMP v3: 

C:\snmp\SnmpWalk.exe -r:x.x.x.x  -p:161 -v:3  -sn:<security name> -ap:<auth_protocol> -aw:<auth_passwd>   -pp:<priv_protocol> -pw:<priv_passwd>

 Note: Authentication and privacy  protocol values should be one of the following: 

 -ap:   MD5, SHA
 -pp:   DES, IDEA, AES128, AES192, AES256, 3DES

Notes:

• The timeout value increases in snmpwalk after each try. If an snmpwalk works correctly with a timeout of 10s, it does not necessarily mean that 10s will be enough for Discovery.
• snmpwalk uses SNMP getnext. Use snmpbulkwalk instead to use getBulk.
• Even if the snmpwalk result looks correct, there might be some missing OIDs caused by timeouts. This can be verified with the number of lines returned by snmpwalk and the number of lines found in the MVC file of a device capture.
• A timeout can be caused by an incorrect credential (wrong or unsupported version/key/community/securityname/method or security level)
• An error "Unsupported securitylevel" can be caused by a permission issue in the scanned SNMP agent.
• An SnmpWalk failure is enough to confirm that some prerequisites of Discovery are not met: the SNMP port must be reachable, the network must allow the SNMP traffic (at least), the SNMP credential must be correct and the agent must be reasonably responsive.