Created on 09-28-2016 02:57 AM Edited on 05-26-2022 07:30 AM By Anonymous
Description
Scope
Solution
Go to the /opt/phoenix/bin directory and execute snmpbulkwalk.
#cd /opt/phoenix/bin#snmpbulkwalk -v 2c –c <credentials> <ip> .
Output example:
SNMPv2-MIB::sysDescr.0 = STRING: Hardware: Intel64 Family 6 Model 44 Stepping 2 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.311.1.1.3.1.3DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (257668701) 29 days, 19:44:47.01SNMPv2-MIB::sysContact.0 = STRING:SNMPv2-MIB::sysName.0 = STRING: WIN-IIKW9EG1676SNMPv2-MIB::sysLocation.0 = STRING:SNMPv2-MIB::sysServices.0 = INTEGER: 76IF-MIB::ifNumber.0 = INTEGER: 15IF-MIB::ifIndex.1 = INTEGER: 1IF-MIB::ifIndex.2 = INTEGER: 2IF-MIB::ifIndex.3 = INTEGER: 3IF-MIB::ifIndex.4 = INTEGER: 4IF-MIB::ifIndex.5 = INTEGER: 5IF-MIB::ifIndex.6 = INTEGER: 6IF-MIB::ifIndex.7 = INTEGER: 7IF-MIB::ifIndex.8 = INTEGER: 8IF-MIB::ifIndex.9 = INTEGER: 9IF-MIB::ifIndex.10 = INTEGER: 10IF-MIB::ifIndex.11 = INTEGER: 11IF-MIB::ifIndex.12 = INTEGER: 12IF-MIB::ifIndex.13 = INTEGER: 13IF-MIB::ifIndex.14 = INTEGER: 14IF-MIB::ifIndex.15 = INTEGER: 15IF-MIB::ifDescr.1 = STRING: Software Loopback Interface 1IF-MIB::ifDescr.2 = STRING: WAN Miniport (SSTP)IF-MIB::ifDescr.3 = STRING: WAN Miniport (L2TP)IF-MIB::ifDescr.4 = STRING: WAN Miniport (PPTP)IF-MIB::ifDescr.5 = STRING: WAN Miniport (PPPOE)IF-MIB::ifDescr.6 = STRING: WAN Miniport (IPv6)IF-MIB::ifDescr.7 = STRING: WAN Miniport (Network Monitor)...
If there is no response verify the following:- SNMP community string syntax- UDP port 161 is not being blocked somewhere between the FortiSIEM Supervisor and the target device- SNMP agent isn't properly configured on .
#snmpbulkwalk -v 2c -c puc 172.16.22.134 .Timeout: No Response from 172.16.22.134
To check target device is listening on port 161 enter the following command:
#nmap -p 161 <target ip>
For SNMP version 1 use this command syntax:#snmpbulkwalk -v 1 –c <credentials> <ip> .Example:
#snmpbulkwalk -v 1 -c snmppass 10.1.1.1
For SNMP version 3 use this command syntax:
#snmpbulkwalk –v 3 –u <user> -l <level> -a <authProto> -A <authPass> -x <privProto> -X <privPass> <ip> system
Example:
#snmpbulkwalk -v 3 -l authNoPriv -u snmpuser -A snmppass 10.1.1.1
To redirect the output to a file
#snmpbulkwalk –v 2c –c <cred> <ip> . > out.txt
Snmpbulkwalk is an open-source tool that FortiSIEM uses to pull SNMP data. You can refer to the following URL for information on this program and its options.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.