SNMP Agent Protocol Monitoring

SNMP (Simple Network Management Protocol) is an application-layer protocol used to manage and monitor network devices. SNMP provides a common way for devices on your network — such as routers, switches, WiFi access points, printers, and anything connected in an IP network — to share monitoring metrics. An SNMP agent is shipped with practically any network equipment, providing an out-of-the-box way to monitor devices over both local area networks (LANs) and wide area networks (WANs). SNMP has also been adopted by some internet of things (IoT) devices vendors.

SNMP pull vs push model

SNMP monitoring can be implemented in two modes: pull or push (traps).

  • In the pull model, a monitoring agent sends SNMP requests to a SNMP agent running on the target device on scheduled regular intervals. The SNMP agent on the device responds with the specific requested metric.
  • In push mode, a.k.a. SNMP Trap, communication starts from the opposite end. The monitored device (via SNMP agent) sends status messages (traps) to a trap receiver at the monitoring system. In the case of traps, there is no scheduling, trap messages are sent as they are generated, giving a real-time view of system and network performance issues.

By using SNMP pulling and SNMP traps, customers can balance resource consumption impact (both system and network) caused by short pulling intervals trying to catch subtle changes, when a trap would be a better and more cost-efficient option. For example, when a power supply unit or disk failure occurs, Telegraf would receive the SNMP trap and send it to the output plugins. You could then configure an alert to notify you or your team of the failure.

InfluxDB platform supports both modes of SNMP monitoring, pull and traps, via two Telegraf plugins: Telegraf SNMP Input Plugin (input.snmp) and Telegraf SNMP Trap Input Plugin (inputs.snmp_trap).

Network and system monitoring solution with Telegraf SNMP and Telegraf SNMP Trap Input Plugins

Telegraf SNMP and SNMP Trap plugins provide a comprehensive solution for monitoring SNMP data from networked devices. Device metrics resource utilization, load status and health check as well as network performance metrics can be monitored via SNMP monitoring.

Telegraf is the collection agent of InfluxData time series platform (see diagram below). InfluxData time series platform allows for the collection, visualization and analysis of all metrics and events ingested and monitored. InfluxDB — the purpose-built time series database is the platform’s core open source component. Telegraf is InfluxDB’s agent with hundreds of plugins for the most common applications and protocols ready to be activated and to start collecting metrics and events. Telegraf is also open source with its own project in the community.

One of the main use-cases for adopting a time series platform is systems and network monitoring. Gathering the data of interest is a key part of any monitoring solution. This can be done in multiple ways.

To facilitate the process, Telegraf was designed as a lightweight, plugin-driven collection agent that can either run on your hosts (collecting data about your systems and applications) or operate remotely (scraping data via endpoints exposed by your applications).

See below TICK Stack architecture:

SNMP integration InfluxData architecture

Telegraf SNMP Plugin configuration

The Telegraf SNMP input plugin uses polling to gather metrics from SNMP agents. The plugin also includes support for gathering individual OIDs as well as complete SNMP tables.

Configuring Telegraf for SNMP collection

The following configuration is used to run the SNMP plugin with Telegraf. Read more about the details to configure Telegraf in our documentation.

  ## Agent addresses to retrieve values from.
  ##   format:  agents = ["<scheme://><hostname>:<port>"]
  ##   scheme:  optional, either udp, udp4, udp6, tcp, tcp4, tcp6.  
  ##            default is udp
  ##   port:    optional
  ##   example: agents = ["udp://"]
  ##            agents = ["tcp://"]
  ##            agents = ["udp4://v4only-snmp-agent"]
  agents = ["udp://"]

  ## Timeout for each request.
  # timeout = "5s"

  ## SNMP version; can be 1, 2, or 3.
  # version = 2

  ## SNMP community string.
  # community = "public"

  ## Agent host tag
  # agent_host_tag = "agent_host"

  ## Number of retries to attempt.
  # retries = 3

  ## The GETBULK max-repetitions parameter.
  # max_repetitions = 10

  ## SNMPv3 authentication and encryption options.
  ## Security Name.
  # sec_name = "myuser"
  ## Authentication protocol; one of "MD5", "SHA", or "".
  # auth_protocol = "MD5"
  ## Authentication password.
  # auth_password = "pass"
  ## Security Level; one of "noAuthNoPriv", "authNoPriv", or "authPriv".
  # sec_level = "authNoPriv"
  ## Context Name.
  # context_name = ""
  ## Privacy protocol used for encrypted messages; one of "DES", "AES", "AES192", "AES192C", "AES256", "AES256C", or "".
  ### Protocols "AES192", "AES192", "AES256", and "AES256C" require the underlying net-snmp tools 
  ### to be compiled with --enable-blumenthal-aes (
  # priv_protocol = ""
  ## Privacy password used for encrypted messages.
  # priv_password = ""

  ## Add fields and tables defining the variables you wish to collect.  This
  ## example collects the system uptime and interface variables.  Reference the
  ## full plugin documentation for configuration details.
    oid = "RFC1213-MIB::sysUpTime.0"
    name = "uptime"

    oid = "RFC1213-MIB::sysName.0"
    name = "source"
    is_tag = true

    oid = "IF-MIB::ifTable"
    name = "interface"
    inherit_tags = ["source"]

      oid = "IF-MIB::ifDescr"
      name = "ifDescr"
      is_tag = true

For more information, please check out the documentation.

Project URL   Documentation

Telegraf SNMP Trap configuration

Like most Telegraf plugins, the SNMP Trap Input Plugin does not require much configuration. Some prerequisites to install tools from the net-snmp project are required. In addition, on many operating systems, listening on a privileged port (a port number less than 1024) requires extra permission. Since the default SNMP trap port 162 is in this category, using Telegraf to receive SNMP traps may require elevated permissions.

  ## Transport, local address, and port to listen on.  Transport must
  ## be "udp://".  Omit local address to listen on all interfaces.
  ##   example: "udp://"
  ## Special permissions may be required to listen on a port less than
  ## 1024.  See for details
  # service_address = "udp://:162"
  ## Timeout running snmptranslate command
  # timeout = "5s"

What metrics are collected from Telegraf SNMP Trap plugin?


Tag Description
IP address of trap source
value from SNMPv2-MIB::snmpTrapOID.0 PDU
Management Information Base (MIB) from SNMPv2-MIB::snmpTrapOID.0 PDU
Object Identifiers (OID) string from SNMPv2-MIB::snmpTrapOID.0 PDU
Version “1" or "2c" or "3"


Fields are mapped from variables in the trap. The field names are the trap variable names after MIB lookup. The field values are trap variable values. (example fields: sysUpTimeInstance (integer), snmpTrapEnterprise (string))

For more information, please check out the documentation.

Project URL   Documentation

Related resources