SNMP OID for network traffic

primero picture primero · Jun 27, 2012 · Viewed 19k times · Source

i'm working on a script that will monitor traffic on specific hosts from nagios. I have studied some scripts already made and have gathered almost all the info i need to do it but i have encountered a problem in identifying the OID's necessary for the traffic. I wanted to use IF-MIB::ifOutOctets.1 and IF-MIB::ifInOctets.1 to get the incoming and outgoing traffic but when i tested with the following line:

snmpwalk -v 1 -c public myComputer OID

i got the same result for both the OID's and that doesn't seem right. I'm wandering if there are other variables i could try instead of those i'm using now.

It would be useful even if you can point me to where i could find some info on the IF-MIB, because i can get all the values with snmpwalk but i don't know how to interpret them

Answer

primero picture primero · Jun 27, 2012

Ok, i found the answer, after some searching. The values are equal because i was not asking the right interface(i was asking the loopback). There is this command snmpwalk -v 1 -c public hostname 1.3.6.1.2.1.31.1.1.1 that lists a lot of OID's and from there you can see 'IF-MIB::ifName' which stand for the interfaces. And if you execute IF-MIB::ifInOctets.x where x corresponds to the interface you are interested in you can find a number in bytes. I am not sure what it means, or how it's generated but i tested executing twice the command:

date ; snmpwalk -v 1 -c public myComputer ifOutOctets.x 

at an interval of aprox 1 min, and then i subtracted the two values and devided them by the number of seconds that passed between the executions. I compared the value with the one obtained from iptraf and they kinda match, so i think you can used this way to find the traffic a station with snmp.