What are the steps to take to get specific information from SNMP?

Question

I want to query a FortiGate for its CPU usage.
Per Fortinet documentation, the variable to use is fgPerCpuHighDetails:

$ grep fgPerCpuHighDetails /home/qa/.snmp/mibs/FORTINET-*
/home/qa/.snmp/mibs/FORTINET-FORTIGATE-MIB.mib:fgPerCpuHighDetails OBJECT-TYPE
/home/qa/.snmp/mibs/FORTINET-FORTIGATE-MIB.mib:    OBJECTS     { fnSysSerial, sysName, fgPerCpuHighDetails }
/home/qa/.snmp/mibs/FORTINET-FORTIGATE-MIB.mib:                fgProcModMemCapacity, fgProcModMemUsage, fgPerCpuHighDetails,

However, when I try to probe fgPerCpuHighDetails, I get:

$ snmpget -v2c -cpublic -mALL 192.168.1.99 fgPerCpuHighDetails
FORTINET-FORTIGATE-MIB::fgPerCpuHighDetails = No Such Object available on this agent at this OID

Can you recommend any URL that explains the steps to take to get information from SNMP?

$ sudo systemctl status snmpd -l
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
   Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-07-17 16:46:31 PDT; 21h ago
 Main PID: 879 (snmpd)
    Tasks: 1
   CGroup: /system.slice/snmpd.service
           └─879 /usr/sbin/snmpd -LS0-6d -f

Jul 17 16:46:30 vestal8 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Jul 17 16:46:31 vestal8 snmpd[879]: NET-SNMP version 5.7.2
Jul 17 16:46:31 vestal8 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..

$ snmpwalk -v2c -c public 192.168.1.99 fgPerCpuHighDetails
fgPerCpuHighDetails: Unknown Object Identifier (Sub-id not found: (top) -> fgPerCpuHighDetails)

score 2 · Answer 1 · answered Jul 27 '20 at 15:28

To poll an OID using its textual form, you should use the MIB::OID notation. If you're using OID in its numerical form, you can use it directly. This is because SNMP agents use numerical form and humans use textual (akin to DNS). So, agents can easily parse the numbers, but need textual forms translated into numbers. MIBs do that, so you need to specify the correct MIB where OID is defined so snmp command can translate it before polling the agent.

MIB name is defined with the DEFINITIONS statement in the MIB file. Don't confuse this with the name of the MIB file (sometimes the same, but not always). So, as fgPerCpuHighDetails in your example is defined in FORTINET-FORTIGATE-MIB.mib, do:

grep DEFINITIONS /home/qa/.snmp/mibs/FORTINET-FORTIGATE-MIB.mib

to find out the name of the MIB. I don't have this particular MIB, but likely the name will be FORTINET-FORTIGATE-MIB.

With that info you can then poll the device:

snmpwalk -v2c -c public 192.168.1.99 FORTINET-FORTIGATE-MIB::fgPerCpuHighDetails

Use snmptranslate to parse the MIBs and explore them:

snmptranslate -Td MIB::OID for description of an OID
snmptranslate -Tp MIB::OID to map the hierarchical structure of and OID and all children OIDs.
snmptranslate -On MIB:OID to translate an OID into numerical form
Check man page for more options.

What are the steps to take to get specific information from SNMP?

1 Answers1