What is SNMP used for?
Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices. SNMP provides a common way for devices on your network — such as routers, WiFi access points, and printers — to share monitoring metrics. The beauty of SNMP is that it’s been around forever so many different vendors support it, and that it works over both local area networks (LANs) and wide area networks (WANs). SNMP is also used for some internet of things (IoT) devices.
Is SNMP still used?
Yes! Even though SNMP was defined in 1988 — an eternity by tech standards — it’s still widely used for monitoring and management. There are three main versions of SNMP — versions 1, 2 and 3. If you have a choice, use SNMP v3, since it has increased security capabilities: user accounts, authentication, and data encryption.
What are SNMP Traps?
SNMP Traps are alert messages sent from a remote SNMP-enabled device to a central collector, the “SNMP manager”. SNMP exposes data via object identifiers (OID), whose hierarchical tree structure is organized in a Management Information Base (MIB). MIBs are text files provided by equipment vendors that lists all data objects (OIDs) managed by a specific equipment.
Your SNMP manager will use the MIB to interpret the incoming messages from your new device. Trap messages are the main form of communication between an SNMP Agent and an SNMP Manager. A major benefit of using SNMP Traps for reporting alarms is that they trigger instantaneously, rather than waiting for a status request from the manager.
How can I use Telegraf to monitor my SNMP Traps?
The Telegraf SNMP Trap Input Plugin receives SNMP notifications — traps and inform requests — to give a real-time view of system and network performance issues. In addition, by monitoring SNMP traps, customers can balance resource consumption impact (both system and network) caused by pulling SNMP data in short intervals. For example, when a power supply unit or disk failure occurs, Telegraf would receive the SNMP trap and send it to the output plugins. You could then configure an alert to notify you or your team of the failure.
How do I properly configure my SNMP Trap Plugin?
Like most Telegraf plugins, the SNMP Trap Input Plugin does not require much configuration. Some prerequisites to install tools from the net-snmp project are required. In addition, on many operating systems, listening on a privileged port (a port number less than 1024) requires extra permission. Since the default SNMP trap port 162 is in this category, using Telegraf to receive SNMP traps may require elevated permissions.
[[inputs.snmp_trap]] ## Transport, local address, and port to listen on. Transport must ## be "udp://". Omit local address to listen on all interfaces. ## example: "udp://127.0.0.1:1234" ## ## Special permissions may be required to listen on a port less than ## 1024. See README.md for details ## # service_address = "udp://:162" ## Timeout running snmptranslate command # timeout = "5s"
What metrics are collected from Telegraf SNMP Trap plugin?
|IP address of trap source|
|value from SNMPv2-MIB::snmpTrapOID.0 PDU|
|Management Information Base (MIB) from SNMPv2-MIB::snmpTrapOID.0 PDU|
|Object Identifiers (OID) string from SNMPv2-MIB::snmpTrapOID.0 PDU|
|Version “1” or “2c” or “3”|
Fields are mapped from variables in the trap. The field names are the trap variable names after MIB lookup. The field values are trap variable values. (example fields:
Example of Telegraf collecting SNMP Traps during a SNMP Server (snmpd) Restart
Above is a quick demo using the SNMP Trap plugin where Telegraf is set up to receive traps on port 162 of an SNMP virtual machine. All agent settings are default configurations.
Input Plugin configuration from demo:
[[inputs.snmp_trap]] service_address = "udp://:162"
The virtual machine used in the demo has net-snmp’s snmpd to send version 1 and version 2c traps to Telegraf. In the demo, the virtual machine is restarted and therefore will send shutdown (
nsNotififyShutdown) and startup (
coldStart) traps to Telegraf.
Output Results from demo (select “view raw” to view entire raw text in full screen):
If you or your company are using any version of SNMP devices and want to monitor traps, try out everything you read in this Telegraf plugin! We’d love to hear how you’re monitoring SNMP using this plugin or any other InfluxData products. Join our Community Slack Channel where you can ask questions and engage with other people using InfluxDB!