Solved

extend snmp through snmpd.conf

Posted on 2011-02-25
6
923 Views
Last Modified: 2012-05-11
I'm trying to add a custom OID to report the value of USED swap sapce.  I'm missing something with the syntax I guess.

Here is what I have tried:
extend .1.3.6.1.4.1.9999.1.16.24 swapUsed free|grep Swap:|awk '{print $3}'
extend .1.3.6.1.4.1.9999.1.16.24 swapUsed `free|grep Swap:|awk '{print $3}'`
sh .1.3.6.1.4.1.9999.1.16.24 swapUsed free|grep Swap:|awk '{print $3}'
sh .1.3.6.1.4.1.9999.1.16.24 swapUsed `free|grep Swap:|awk '{print $3}'`

When I poll .1.3.6.1.4.1.9999.1.16.24 with a mib browser I get "snmp no such object"

If I used extend I get:
snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.9999.1.16.24                                        -Os
enterprises.9999.1.16.24.1.0 = INTEGER: 1
enterprises.9999.1.16.24.2.1.2.8.115.119.97.112.85.115.101.100 = STRING: "`free|                                       grep"
enterprises.9999.1.16.24.2.1.3.8.115.119.97.112.85.115.101.100 = STRING: "Swap:|                                       awk '{print $3}'`"
enterprises.9999.1.16.24.2.1.4.8.115.119.97.112.85.115.101.100 = ""
enterprises.9999.1.16.24.2.1.5.8.115.119.97.112.85.115.101.100 = INTEGER: 5
enterprises.9999.1.16.24.2.1.6.8.115.119.97.112.85.115.101.100 = INTEGER: 1
enterprises.9999.1.16.24.2.1.7.8.115.119.97.112.85.115.101.100 = INTEGER: 1
enterprises.9999.1.16.24.2.1.20.8.115.119.97.112.85.115.101.100 = INTEGER: 4
enterprises.9999.1.16.24.2.1.21.8.115.119.97.112.85.115.101.100 = INTEGER: 1
enterprises.9999.1.16.24.3.1.1.8.115.119.97.112.85.115.101.100 = STRING: "`free|                                       grep: No such file or directory"
enterprises.9999.1.16.24.3.1.2.8.115.119.97.112.85.115.101.100 = STRING: "`free|                                       grep: No such file or directory"
enterprises.9999.1.16.24.3.1.3.8.115.119.97.112.85.115.101.100 = INTEGER: 1
enterprises.9999.1.16.24.3.1.4.8.115.119.97.112.85.115.101.100 = INTEGER: 1
enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.1 = STRING: "`fre                                       e|grep: No such file or directory"

If I use sh I get:
snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.9999.1.16.24 -Os
enterprises.9999.1.16.24.1.1 = INTEGER: 1
enterprises.9999.1.16.24.2.1 = STRING: "swapUsed"
enterprises.9999.1.16.24.3.1 = STRING: "`free|grep Swap:|awk '{print $3}'`"
enterprises.9999.1.16.24.100.1 = INTEGER: 32512
enterprises.9999.1.16.24.102.1 = INTEGER: 0
enterprises.9999.1.16.24.103.1 = ""


0
Comment
Question by:Dooglave
  • 6
6 Comments
 
LVL 6

Author Comment

by:Dooglave
Comment Utility
This is actually what I started with:
extend .1.3.6.1.4.1.9999.1.16.24 swapUsed /usr/bin/free grep Swap:|awk '{print $3}'

As you can see by the walk it's like it doesn't take the args after the free command. How do I make it include the grep Swap:|awk '{print $3}'



snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.9999.1.16.24
SNMPv2-SMI::enterprises.9999.1.16.24.1.0 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.2.8.115.119.97.112.85.115.101.100 = STRING: "/usr/bin/free"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.3.8.115.119.97.112.85.115.101.100 = STRING: "grep Swap:|awk '{print $3}'"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.4.8.115.119.97.112.85.115.101.100 = ""
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.5.8.115.119.97.112.85.115.101.100 = INTEGER: 5
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.6.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.7.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.20.8.115.119.97.112.85.115.101.100 = INTEGER: 4
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.21.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.1.8.115.119.97.112.85.115.101.100 = STRING: "             total       used       free     shared    buffers     cached"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.2.8.115.119.97.112.85.115.101.100 = STRING: "             total       used       free     shared    buffers     cached
Mem:       6218628    4185380    2033248          0     132724    3778520
-/+ buffers/cache:     274136    5944492
Swap:     14707496         72   14707424"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.3.8.115.119.97.112.85.115.101.100 = INTEGER: 4
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.4.8.115.119.97.112.85.115.101.100 = INTEGER: 0
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.1 = STRING: "             total       used       free     shared    buffers     cached"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.2 = STRING: "Mem:       6218628    4185380    2033248          0     132724    3778520"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.3 = STRING: "-/+ buffers/cache:     274136    5944492"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.4 = STRING: "Swap:     14707496         72   14707424"
0
 
LVL 6

Author Comment

by:Dooglave
Comment Utility
seems like it's not honoring the pipe
0
 
LVL 6

Author Comment

by:Dooglave
Comment Utility
This might be good enough: extend-sh .1.3.6.1.4.1.9999.1.16.24 swapUsed /usr/bin/free grep Swap:|awk '{print $3}'

I changed extend to extend-sh and now I get the value in OID SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.4 = STRING: "72"

Which is the correct value .....but what is all that other junk? I just want 72 as an integer and not all the other junk.
And were does all this (.4.1.2.8.115.119.97.112.85.115.101.100.4)added on to my OID come from?

snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.9999.1.16.24
SNMPv2-SMI::enterprises.9999.1.16.24.1.0 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.2.8.115.119.97.112.85.115.101.100 = STRING: "/usr/bin/free"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.3.8.115.119.97.112.85.115.101.100 = STRING: "grep Swap:|awk '{print $3}'"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.4.8.115.119.97.112.85.115.101.100 = ""
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.5.8.115.119.97.112.85.115.101.100 = INTEGER: 5
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.6.8.115.119.97.112.85.115.101.100 = INTEGER: 2
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.7.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.20.8.115.119.97.112.85.115.101.100 = INTEGER: 4
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.21.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.1.8.115.119.97.112.85.115.101.100 = STRING: "free"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.2.8.115.119.97.112.85.115.101.100 = STRING: "free
4191572
274464
72"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.3.8.115.119.97.112.85.115.101.100 = INTEGER: 4
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.4.8.115.119.97.112.85.115.101.100 = INTEGER: 0
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.1 = STRING: "free"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.2 = STRING: "4191572"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.3 = STRING: "274464"
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.4 = STRING: "72"
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 6

Author Comment

by:Dooglave
Comment Utility
I fogot to add the pipe back.  output is a little better now. So how do I make it an integer or does it matter. I think it does because I want to creat a trap to see if it's >0

snmpwalk -c public -v 2c localhost .1.3.6.1.4.1.9999.1.16.24
SNMPv2-SMI::enterprises.9999.1.16.24.1.0 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.2.8.115.119.97.112.85.115.101.100 = STRING: "/usr/bin/free"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.3.8.115.119.97.112.85.115.101.100 = STRING: "|grep Swap:|awk '{print $3}'"
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.4.8.115.119.97.112.85.115.101.100 = ""
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.5.8.115.119.97.112.85.115.101.100 = INTEGER: 5
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.6.8.115.119.97.112.85.115.101.100 = INTEGER: 2
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.7.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.20.8.115.119.97.112.85.115.101.100 = INTEGER: 4
SNMPv2-SMI::enterprises.9999.1.16.24.2.1.21.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.1.8.115.119.97.112.85.115.101.100 = STRING: "72"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.2.8.115.119.97.112.85.115.101.100 = STRING: "72"
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.3.8.115.119.97.112.85.115.101.100 = INTEGER: 1
SNMPv2-SMI::enterprises.9999.1.16.24.3.1.4.8.115.119.97.112.85.115.101.100 = INTEGER: 0
SNMPv2-SMI::enterprises.9999.1.16.24.4.1.2.8.115.119.97.112.85.115.101.100.1 = STRING: "72"
0
 
LVL 6

Accepted Solution

by:
Dooglave earned 0 total points
Comment Utility
I've tried a few things like int(command) and add INTEGER at the end of the extend line. It returns an integer but it's 512 instead of the current used value of swap which should be 72
0
 
LVL 6

Author Closing Comment

by:Dooglave
Comment Utility
I'm done with this.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now