vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

SNMP enhancements #718

Browse Source
This commit is contained in:
jokob-sk
2024-07-02 19:17:52 +10:00
parent 612ff7c293
commit 1b6e806830
7 changed files with 68 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
front/plugins/snmp_discovery/README.md
View File

@@ -1,17 +1,19 @@
## Overview
A plugin for importing devices from an SNMP enabled router or switch. Using SNMP offers an efficient way to discover IPv4 devices across one or more networks/subnets/vlans.
A plugin for importing devices from an SNMP-enabled router or switch. Using SNMP offers an efficient way to discover IPv4 devices across one or more networks/subnets/vlans.
### Usage
Specify the following settings in the Settings section of NetAlertX:
- `SNMPDSC_routers` - A list of `snmpwalk` commands to execute against IP addresses of roputers/switches with SNMP turned on. For example:
- `SNMPDSC_routers` - A list of `snmpwalk` commands to execute against IP addresses of routers/switches with SNMP turned on. For example:
- `snmpwalk -v 2c -c public -OXsq 192.168.1.1 .1.3.6.1.2.1.3.1.1.2`
- `snmpwalk -v 2c -c public -Oxsq 192.168.1.1 .1.3.6.1.2.1.3.1.1.2` (note: lower case `x`)
If unsure, please check [snmpwalk examples](https://www.comparitech.com/net-admin/snmpwalk-examples-windows-linux/).
### Setup Cisco IOS
Enable IOS SNMP service and restrict to selected (internal) IP/Subnet.
@@ -35,5 +37,24 @@ show snmp
### Notes
- Only IPv4 supported.
- The SNMP OID `.1.1.1.3.6.1.2.1.3.1.1.2` is specifically for devices IPv4 ARP table. This OID has been tested on Cisco ISRs and other L3 devices. Support may vary between other vendors / devices.
- Expected output (ingestion) in format `iso.3.6.1.2.1.3.1.1.2.3.1.192.168.1.2 "6C 6C 6C 6C 6C 6C "`.
- The SNMP OID `.1.1.1.3.6.1.2.1.3.1.1.2` is specifically for devices IPv4 ARP table. This OID has been tested on Cisco ISRs and other L3 devices. Support may vary between other vendors/devices.
- Expected output (ingestion) in formats:
- `iso.3.6.1.2.1.3.1.1.2.3.1.192.168.1.2 "6C 6C 6C 6C 6C 6C "`.
- `ipNetToMediaPhysAddress[3][192.168.1.9] 6C:6C:6C:6C:6C:b6C1`.
### Finding your OID
- Ssh into the router (in this example the IP of the router is `192.168.1.1`)
- On the router execute `snmptranslate -On -IR ipNetToMediaPhysAddress` (This is a UniFi router example, and the `object_id` is `ipNetToMediaPhysAddress`. This might vary between vendors, google your router manufacturer examples.)
```bash
jokob@SecurityGateway-USG:~$ snmptranslate -On -IR ipNetToMediaPhysAddress
.1.3.6.1.2.1.4.22.1.2
```
- Use the `snmpwalk -v 2c -OXsq -c public 192.168.1.1 .1.3.6.1.2.1.4.22.1.2` command in NetAlertX