Get OpenNMS
Get Involved
Get to Know Us
From OpenNMS
It has been asked on the list if ONMS could support searching through multiple community strings. While this could be done it is probably better to (a) manage your community strings better and (b) to have another utility tool that can search through the community strings you want and generate the proper snmp-config.xml file for you so that ONMS can focus on other things.
So in that light here is a quick and dirty shell script that will do the job.
First create a file called snmp-communities.list with each community you want test on a single line:
NOTE: the values for the snmp-communities.list & ip.list files are just examples. Make sure you put the proper values for your network in these files.
snmp-communities.list
public not-so-public i-think-i-used-this-too ig0tfancy4u
Then either use the file that OpenNMS builds (or at least use to build) in the {OPENNMS_HOME}/etc directory called "include" or create your own called ip.list. Again a single IP per line. (NOTE: you can always run a query against the database and have it dump the found nodes to a text file for you also... Whatever is your pleasure.)
ip.list
192.168.1.1 192.168.1.2 192.168.1.3 10.0.0.1 10.0.0.2 10.1.0.1 10.1.0.2
Finally, cut and paste the following script to a file named whatever you want and make it executable. On the machine you run this on you need (a) access to every IP you want to test and (b) snmpwalk.
NOTE: running this script can get you in trouble with your IT staff if you are not authorized to do this. In some environments you will automatically lose your network access. Run with permission!
SnmpCommunityTester
#!/bin/sh
#
# Long drawn out SNMP community finder...
#
# Mike Coakley
# mcoakley@managedbusiness.com
# Oct 2006
# v1.0
#
# Software ASIS... Use with caution
#
COMMUNITY_FILE="snmp-communities.list"
IP_FILE="ip.list"
SNMP_FILE="snmp-config.xml"
echo '<!-- Autogenerate snmp-config.xml file -->' > $SNMP_FILE
echo "<?xml version=\"1.0\"?>" >> $SNMP_FILE
echo "<snmp-config retry=\"4\" timeout=\"800\" version=\"v2c\">" >> $SNMP_FILE
for ip in $(cat $IP_FILE); do
FOUND=0
echo "Trying $ip..."
for com in $(cat $COMMUNITY_FILE); do
echo " with community $com..."
NAME=$(snmpwalk -c $com -v1 $ip sysName 2> /dev/nul | awk -F ":" ' { print $4 } ')
if [ "$NAME" != "" ]; then
echo " Found $NAME with $com against $ip using SNMP v1"
echo " ... trying v2c"
NAME=$(snmpwalk -v2c -c $com $ip sysName 2> /dev/nul | awk -F ":" ' { print $4 } ')
if [ "$NAME" != "" ]; then
echo " Found $NAME with $com against $ip using SNMP v2c"
echo " ** Going to create the definition using v2c (DEFAULT)"
echo " <definition read-community=\"$com\">" >> $SNMP_FILE
echo " <specific>$ip</specific>" >> $SNMP_FILE
echo " </definition>" >> $SNMP_FILE
else
echo " ** Going to create the definition using v1"
echo " <definition read-community=\"$com\" version=\"v1\">" >> $SNMP_FILE
echo " <specific>$ip</specific>" >> $SNMP_FILE
echo " </definition>" >> $SNMP_FILE
fi
FOUND=1
break
fi
done
if [ $FOUND = 0 ]; then
echo " No matching communities found for $ip"
fi
done
echo "</snmp-config>" >> $SNMP_FILE
echo "Done searching for communities for ya! LATER!"
