TweetFollow Us on Twitter

SNMP Primer for OSX Leopard

Volume Number: 24 (2008)
Issue Number: 08
Column Tag: Network Management

SNMP Primer for OSX Leopard

An article on "Understanding, Configuring, and Customizing SNMP on OS X Leopard" that might change the way you think about your Mac.

by Noah Gift

Introduction

If you haven't done any work with SNMP before, you might be thinking, "who cares?" SNMP has gotten the somewhat deserved reputation as being complex to administer and understand. As a result, many people don't care, and there are not that many articles that talk about it.

This article will attempt to present the information in a gentle enough manner that no experience with SNMP will be required. At the same time, we will dive into a few obscure, but absolutely fascinating things that be done with SNMP that few delve into. It is quite fun to let a cat out of the bag, so let's dive into SNMP and see how it might just change the way you think about your Mac.

Backwards First

Because SNMP can be incredibly boring to talk about, let's save the obligatory overview of what SNMP is, the history of SNMP, configuring SNMP etc. Instead we are going to immediately do something useful. Just follow these steps on a OS X Leopard machine that is not a production server.

Step 1:  cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak.052108
Step 2: echo "rocommunity public" > /etc/snmp/snmpd.conf
Step 3:  Restart the snmpd daemon by simply typing the executable:
mini# snmpd
Step 4:  Query the disk usage of your machine via snmp:
mini# snmpdf –v 2c –c public localhost
Description            size (kB)          Used        Available    Used%
Physical memory        1310720            821440      489280         62%
Swap space               65532                 0       65532          0%
/                     77814832          51153396    26661436         65%
/dev                         1                 1           0        100%
/dev                         1                 1           0        100%
/net                         0                 0           0          0%
/home/net                    0                 0           0          0%

Hopefully these simple four steps did the equivalent of dropping a suitcase nuke on your preconceptions about SNMP. Let's now go over what we did in detail now. In the first step we simply made a backup of the snmp configuration file, and added a date stamp on it.

In the second step we overwrote the whole snmpd.conf file by simply echoing out one line of configuration syntax; this effectively erases pages upon pages of almost completely useless configuration data you will never use. This in fact is one of the biggest stumbling blocks to understanding new technology, too much information.

In the third step we told snmpd to start the daemon so we can query it. (We will get into launchd configurations later). Finally in the fourth step, we ran a specialized snmp tool that is effectively the same as running df –k on a local machine.

Backwards First Explained

Now that we have removed some of the magic behind SNMP, and brought it down to the level of complexity of ssh or tar let's fill in a few of the details. The very first detail to understand is the cryptic syntax for the snmpdf command. If we look at the command again, we can break it down into the following sections:

snmpdf –v [SNMP Version] –c [Name of community string] IP Address or hostname

Fortunately, all of the Net–SNMP command line tools follow this same syntax, so you will only need to understand one tool to understand the rest. The –v option refers to which version of SNMP you wish to use. The available options are 1, 2c, and 3. Versions 1 and 2c are not encrypted so they are only safe to use in a secure firewalled environment, and version 3 requires more explanation and setup. If you just want to setup snmp at home behind a firewall, then 2c is the version you will most likely want to use.

The next flag –c refers to the community string. With SNMP versions 1 and 2c, the authentication system revolves around setting community strings to grant access to the snmp daemon. There are ways to set community strings to allow read access, which is what we did in the section above, and also to allow read/write access. In this case, we went with a convention and used public as the ro, or read only community string.

Finally, we just typed in the name of the local machine. We could have typed in the name of any machine on the internet though, if they had snmp running and had the configuration we setup. This is really almost 80% of what someone needs to know about SNMP, we will cover a few of other things later. Given that we are now SNMP experts, let's write some code to monitor a home network for disk usage problems.

Writing a Disk Space Monitoring System in Python

Since we are now SNMP experts, and have bragged to all of our friends how we can monitor the disk usage of our machines remotely, we got thrown into a consulting gig "by accident." Our task is to write a simple nightly monitoring script that checks all of the machines on a local network to make sure they do not have critical disk space issues. This client has several Final Cut Pro Suites where the editors constantly overfill their RAID volumes, and it is our job to write code that will prevent it before it happens and send the company owner an email when disk space on any volume exceeds 80%.

With Python and SNMP this is actually a trivial, yet very useful, problem to solve. The first step is to write some code that flags disk usage that exceeds 80%.

Listing 1: snmpdf_alert.py

#!/usr/bin/env python

""" Parses the output of snmpdf and performs a regular expression match that searches for 80–99% disk usage pattern. If a match is found it prints out the volume that exceeds our "quota"."""

from subprocess import PIPE, Popen
import re
def snmpdf(machine):
    """Returns snmpdf output as file object"""
    p = Popen("snmpdf –v 2c –c public %s" % machine,
                shell=True,
                stdout=PIPE,
                stderr=PIPE)
    return p.stdout
def parse(file):
    """Parses file object and determines if critical match
    between 80–99% disk usage is met.
    Returns collected results with new stamp line."""
    collection = []
    pattern = "[8–9][0–9]%"
    outline = (line.split() for line in file)
    flag = (" ".join(row) for row in outline \
        if re.search(pattern, row[–1]))
    for line in flag:
        newline = "%s DISK USAGE CRITICAL" % line
        collection.append(newline)
    if len(collection) > 0:
        return collection
if __name__ == "__main__":
    #prints results
    out = snmpdf("localhost")
    result = parse(out)
    if result:
        for line in result:
            print line

All this script does is to take the results from the snmpdf command and look for volumes that have between 80–99 % utilization. If you are dealing with editing on a local RAID volume, often exceeding 80% capacity will cause performance problems. If we run this script on a machine with utilization problems, we get something that looks like this:

mini# python2.5 snmpdf_alert.py
/ 97349872 88678460 8671412 91% DISK USAGE CRITICAL

We can see that this machine's root volume or "/", is at 91% capacity. This is obviously a big problem that we need to address very soon.

In order to turn this into something that manages a network and emails a warning, it would be fairly easy to just run this in a cron job or via launchd, and mail an alert message if the output of the script was not None, which is what happens when there is no match for our regular expression.

If you are new to Python some of the code may look a little weird, so here are a few things to remember. First, whitespace is significant, so indentations are there to control the flow of the program. Second, if you are coming from another language, Python is fairly easy to pick up. If you would like a reasonable introduction to the language please refer to tutorial listed in references.

Getting Closer to 80% Knowledge of SNMP

There are few things we glossed over in the first parts of the article because they were boring, but let's get them out of the way. This should bring you a bit closer, if not all the way, to knowing 80% SNMP.

First, in order to get the SNMP daemon to run upon startup you will need to modify the plist for:

/System/Library/LaunchDaemons/org.net–snmp.snmpd.plist

And make it look as follows:

Listing 2: /System/Library/LaunchDaemons/org.net–snmp.snmpd.plist

<?xml version="1.0" encoding="UTF–8"?>
<!DOCTYPE plist PUBLIC "–//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList–1.0.dtd">
<plist version="1.0">
<dict>
    <key>Disabled</key>
    <false/>
    <key>KeepAlive</key>
    <true/>
    <key>Label</key>
    <string>org.net–snmp.snmpd</string>
    <key>OnDemand</key>
    <false/>
    <key>Program</key>
    <string>/usr/sbin/snmpd</string>
    <key>ProgramArguments</key>
    <array>
        <string>snmpd</string>
        <string>–f</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>ServiceIPC</key>
    <false/>
</dict>
</plist>

What this does is to tell the snmpd daemon to start up upon reboot and then stay alive. Arguably, this could be set to OnDemand instead, but this is one of the newer features of launchd and it hasn't been fully tested with snmp much.

Next, we need to talk a little bit about the snmpwalk command, OIDs, and MIBs. The very short explanation of an OID is that it is a string of numbers, with a human readable name, that lives inside of a MIB file. This whole system is a hierarchically–assigned namespace for the SNMP protocol to keep track of what an agent can provide when you query it.

Let's take a look at how the snmpwalk command is used to shed some light on this. Here is a basic snmp query of our local machine again using the OID sysdescr:

mini# snmpwalk –v 2c –c public localhost sysdescr
SNMPv2–MIB::sysDescr.0 = STRING: Darwin mini.local 9.2.2
Darwin Kernel Version 9.2.2: Tue Mar 4 21:17:34 PST 2008;
root:xnu–1228.4.31~1/RELEASE_I386 i386

By examining the command we ran you may notice the syntax is identical to the syntax of the snmpdf command, with the exception of the word sysdescr. This word is an OID, and it lives in the MIB–2 file. You can refer to the references for an actual breakdown of this OID and where it lives in the larger MIB structure if you are curious, but if just want to use SNMP you only need to know important OID's to query.

As our last mention of this topic, it is important to know that the snmpwalk command retrieves all of the OIDs that are listed below it in the hierarchical structure. To get the superset of the OID that holds sysdescr, we could type in this:

mini# snmpwalk –v 2c –c public localhost system
SNMPv2–MIB::sysDescr.0 = STRING: Darwin mini.local 9.2.2 Darwin Kernel
Version 9.2.2: Tue Mar 4 21:17:34 PST 2008; root:xnu–1228.4.31~1/RELEASE_I386 i386
SNMPv2–MIB::sysObjectID.0 = OID: NET–SNMP–MIB::netSnmpAgentOIDs.255 DISMAN–EVENT–MIB::sysUpTimeInstance = Timeticks: (1892500) 5:15:25.00 [OUTPUT SHORTENED FOR SPACE]

This gives us not only the sysdescr OID, but many others as well. For writing a monitoring system you almost never query something in this manner though, you typically just find out the important lower level OIDs, and then write some scripts using them.

This is all we are going to cover about the very nitty gritty details about how SNMP is implemented. If you are curious, you do a Google search for these terms and you should get all of the reference material you need.

A Final Trick: Extending the Net–SNMP Agent with Python and OSAScript

At this point we have the basics covered for configuring, configuring, scripting, and querying SNMP on the Mac. As a final trick, we are going to extend the Net–SNMP agent on our Mac and do something fun.

We are going to write a script that tells iTunes to start up and play something on "Party Shuffle" if we query a specific OID. In order to do that we need double our already massive configuration file, or add one more line. Let's make our /etc/snmp/snmpd.conf look like this:

rocommunity public
exec PlayItunes /usr/bin/python /tmp/playitunes.py

Next, we need to write that script so that it executes when we run. Here is what that script looks like:

Listing 3: playitunes.py

#!/usr/bin/env python
from subprocess import Popen, PIPE
cmd = """osascript<<END
tell application "iTunes"
play playlist "Party Shuffle"
end tell
END"""
def play_iTunes():
     Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE)
     print "Started ITunes Party Shuffle"
play_iTunes()

Next we need to send the snmpd daemon a HUP to tell it to reread it's configuration file. Do a ps –ef | grep snmpd and then give the PID a kill –1. This is what it looks like when I do it:

mini# ps –ef | grep snmpd                                   
    0    26     1   0   0:01.82 ??         0:02.26 snmpd –f
    0   515   355   0   0:00.00 ttys000    0:00.00 grep snmpd
mini# kill –1 26

Finally, we are ready to "query" our machine and make it trigger our custom script. There is a standard OID that responds to custom scripts and it is used in the snmpwalk call below:

mini# snmpwalk –v 2c –c public localhost .1.3.6.1.4.1.2021.8
UCD–SNMP–MIB::extIndex.1 = INTEGER: 1
UCD–SNMP–MIB::extNames.1 = STRING: PlayItunes
UCD–SNMP–MIB::extCommand.1 = STRING: /usr/bin/python
UCD–SNMP–MIB::extResult.1 = INTEGER: 0
UCD–SNMP–MIB::extOutput.1 = STRING: Started ITunes Party Shuffle
UCD–SNMP–MIB::extErrFix.1 = INTEGER: noError(0)
UCD–SNMP–MIB::extErrFixCmd.1 = STRING: 

When we run the command, and see the output, we can see the print statement that we included with our script. If we actually take a look at our machine, we will notice that ITunes indeed pops up, and starts on Party Shuffle.

This is a slightly silly example for extending a Net–SNMP agent, but if you are a home power user, maybe it isn't. Who doesn't want to brag and tell your spouse, you turned on iTunes via SNMP to the downstairs computer?

Conclusion

We covered a lot of ground in this article, and hopefully got you to understand how SNMP might be useful in your computing ecosystem. There were quite a few things we glossed over, mostly the boring stuff, but they aren't entirely necessary for you to start hacking around with SNMP.

We covered about 80% of the most important material, and I will leave the remaining 20% for you to pick up on your own. If you do plan on learning more about SNMP theory it would make sense to read a book or two on the subject or read a few articles on Wikipedia on SNMP. For casual use of SNMP though, you have more than your fair share to explore with the ideas from this article.

One final word of caution though is to make sure that you only use SNMP version 1, and 2 if you are communicating on a secure LAN behind a firewall. There have been some high profile break–ins of machines that have occurred by using insecure versions of SNMP over the internet. If you do need to remotely query or a control a machine across a the internet you must use SNMP v3 to be secure.

Bibliography and References

Noah Gift. "Using Net–SNMP and IPython". IBM Developerworks,AIX and Unix, http://www.ibm.com/developerworks/aix/library/au-netsnmpnipython/.

Noah Gift. "Python and Applescript". O'Reilly. http://www.oreilly.com/pub/a/mac/2007/05/08/using-python-and-applescript-to-get-the-most-out-of-your-mac.html

Noah Gift and Jeremy Jones. Python For Unix and Linux Systems Administration. O'Reilly . ISBN: 0596515820

Guido van Rossum. Python Tutorial: http://docs.python.org/tut.

OID Value/Description of sysdescr: http://www.alvestrand.no/objectid/1.3.6.1.2.1.1.1.html


Noah Gift has been a Mac user since his family bought a Macintosh Performa 6300 in 1992, and started connected to BBS networks immediately and then eventually the World Wide Web in 1993 when it become open to the public. He is the co-author of Python For Unix and Linux Systems Administration by OÕReilly. Noah has a couple of decades of experience in the Television and Film industry starting off as an editor for ABC Network News as a teenager. He contributed to the first feature animated film for Disney Feature Animation and Sony Imageworks. He also had stints at Turner Studios and Caltech, where he worked for the Nobel Prize-winning President as a Mac expert. He has a MasterÕs degree in CIS, and is LPI and ACSA certified. He also organizes PyAtl, the local Python programmers user group in Atlanta. Currently Noah is consultant, writer and speaker, specializing in OS X/Unix, Linux, Python, and Web development for his company, Giftcs, www.giftcs.com. Many of his projects and writing are available at www.noahgift.com. He can be contacted at noah.gift@giftcs.com

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Whitethorn Games combines two completely...
If you have ever gone fishing then you know that it is a lesson in patience, sitting around waiting for a bite that may never come. Well, that's because you have been doing it wrong, since as Whitehorn Games now demonstrates in new release Skate... | Read more »
Call of Duty Warzone is a Waiting Simula...
It's always fun when a splashy multiplayer game comes to mobile because they are few and far between, so I was excited to see the notification about Call of Duty: Warzone Mobile (finally) launching last week and wanted to try it out. As someone who... | Read more »
Albion Online introduces some massive ne...
Sandbox Interactive has announced an upcoming update to its flagship MMORPG Albion Online, containing massive updates to its existing guild Vs guild systems. Someone clearly rewatched the Helms Deep battle in Lord of the Rings and spent the next... | Read more »
Chucklefish announces launch date of the...
Chucklefish, the indie London-based team we probably all know from developing Terraria or their stint publishing Stardew Valley, has revealed the mobile release date for roguelike deck-builder Wildfrost. Developed by Gaziter and Deadpan Games, the... | Read more »
Netmarble opens pre-registration for act...
It has been close to three years since Netmarble announced they would be adapting the smash series Solo Leveling into a video game, and at last, they have announced the opening of pre-orders for Solo Leveling: Arise. [Read more] | Read more »
PUBG Mobile celebrates sixth anniversary...
For the past six years, PUBG Mobile has been one of the most popular shooters you can play in the palm of your hand, and Krafton is celebrating this milestone and many years of ups by teaming up with hit music man JVKE to create a special song for... | Read more »
ASTRA: Knights of Veda refuse to pump th...
In perhaps the most recent example of being incredibly eager, ASTRA: Knights of Veda has dropped its second collaboration with South Korean boyband Seventeen, named so as it consists of exactly thirteen members and a video collaboration with Lee... | Read more »
Collect all your cats and caterpillars a...
If you are growing tired of trying to build a town with your phone by using it as a tiny, ineffectual shover then fear no longer, as Independent Arts Software has announced the upcoming release of Construction Simulator 4, from the critically... | Read more »
Backbone complete its lineup of 2nd Gene...
With all the ports of big AAA games that have been coming to mobile, it is becoming more convenient than ever to own a good controller, and to help with this Backbone has announced the completion of their 2nd generation product lineup with their... | Read more »
Zenless Zone Zero opens entries for its...
miHoYo, aka HoYoverse, has become such a big name in mobile gaming that it's hard to believe that arguably their flagship title, Genshin Impact, is only three and a half years old. Now, they continue the road to the next title in their world, with... | Read more »

Price Scanner via MacPrices.net

B&H has Apple’s 13-inch M2 MacBook Airs o...
B&H Photo has 13″ MacBook Airs with M2 CPUs and 256GB of storage in stock and on sale for up to $150 off Apple’s new MSRP, starting at only $849. Free 1-2 day delivery is available to most US... Read more
M2 Mac minis on sale for $100-$200 off MSRP,...
B&H Photo has Apple’s M2-powered Mac minis back in stock and on sale today for $100-$200 off MSRP. Free 1-2 day shipping is available for most US addresses: – Mac mini M2/256GB SSD: $499, save $... Read more
Mac Studios with M2 Max and M2 Ultra CPUs on...
B&H Photo has standard-configuration Mac Studios with Apple’s M2 Max & Ultra CPUs in stock today and on Easter sale for $200 off MSRP. Their prices are the lowest available for these models... Read more
Deal Alert! B&H Photo has Apple’s 14-inch...
B&H Photo has new Gray and Black 14″ M3, M3 Pro, and M3 Max MacBook Pros on sale for $200-$300 off MSRP, starting at only $1399. B&H offers free 1-2 day delivery to most US addresses: – 14″ 8... Read more
Department Of Justice Sets Sights On Apple In...
NEWS – The ball has finally dropped on the big Apple. The ball (metaphorically speaking) — an antitrust lawsuit filed in the U.S. on March 21 by the Department of Justice (DOJ) — came down following... Read more
New 13-inch M3 MacBook Air on sale for $999,...
Amazon has Apple’s new 13″ M3 MacBook Air on sale for $100 off MSRP for the first time, now just $999 shipped. Shipping is free: – 13″ MacBook Air (8GB RAM/256GB SSD/Space Gray): $999 $100 off MSRP... Read more
Amazon has Apple’s 9th-generation WiFi iPads...
Amazon has Apple’s 9th generation 10.2″ WiFi iPads on sale for $80-$100 off MSRP, starting only $249. Their prices are the lowest available for new iPads anywhere: – 10″ 64GB WiFi iPad (Space Gray or... Read more
Discounted 14-inch M3 MacBook Pros with 16GB...
Apple retailer Expercom has 14″ MacBook Pros with M3 CPUs and 16GB of standard memory discounted by up to $120 off Apple’s MSRP: – 14″ M3 MacBook Pro (16GB RAM/256GB SSD): $1691.06 $108 off MSRP – 14... Read more
Clearance 15-inch M2 MacBook Airs on sale for...
B&H Photo has Apple’s 15″ MacBook Airs with M2 CPUs (8GB RAM/256GB SSD) in stock today and on clearance sale for $999 in all four colors. Free 1-2 delivery is available to most US addresses.... Read more
Clearance 13-inch M1 MacBook Airs drop to onl...
B&H has Apple’s base 13″ M1 MacBook Air (Space Gray, Silver, & Gold) in stock and on clearance sale today for $300 off MSRP, only $699. Free 1-2 day shipping is available to most addresses in... Read more

Jobs Board

Medical Assistant - Surgical Oncology- *Apple...
Medical Assistant - Surgical Oncology- Apple Hill Location: WellSpan Medical Group, York, PA Schedule: Full Time Sign-On Bonus Eligible Remote/Hybrid Regular Apply Read more
Omnichannel Associate - *Apple* Blossom Mal...
Omnichannel Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Cashier - *Apple* Blossom Mall - JCPenney (...
Cashier - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Blossom Mall Read more
Operations Associate - *Apple* Blossom Mall...
Operations Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Business Analyst | *Apple* Pay - Banco Popu...
Business Analyst | Apple PayApply now " Apply now + Apply Now + Start applying with LinkedIn Start + Please wait Date:Mar 19, 2024 Location: San Juan-Cupey, PR Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.