After using SNMP to query a remote device for a particular ObjectType and getting the response ObjectType (which includes the MIB identity and the corresponding value), it is useful to be able to programmatically parse the PySNMP ObjectIdentity. This allows you to read the OID hierarchy and get a list human-readable MIB variable names for each node in the list.
The information obtained with SNMP from network devices ranges from being simple timeseries type data like interface metrics to complex and sensitive status information about the features and protocols that the device is running. It is critical to protect this information when in transit between an SNMP agent and manager by utilizing SNMPv3. Sensitive data from network devices being sent in SNMP responses can be used by malicious parties to perform reconnaissance about your environment, learn which protocols and features you utilize, and prepare for a more specific attack based on the information that is learned.
Up until now my articles (PySNMP HLAPI, Compiling MIB's for PySNMP) have focused on using simple SNMP GET requests with PySNMP's getCmd. This works great for simple SNMP queries where you only need one piece of information. When performing gathering of larger data sets with SNMP, issuing single SNMP GET requests for each data point can be very inefficient. Often times you are limited by the latency that exists between the SNMP manager (your script/code) and the SNMP agent running on a network device. In this article we will explore PySNMP's implementation of SNMP GET NEXT and GET BULK using the nextCmd and bulkCmd command generators and how to retrieve the ifTable table of data from an SNMP agent.
The ability to refer to a SNMP MIB variable by name is an important aspect for increasing readability and understanding of your Python scripts. PySNMP comes with several common pre-compiled MIB's in a format that its capable of using, but if you need to query a MIB variable it doesn't ship with, you're left refering to the variable as an SNMP OID. Having to remember what a particular OID is for, or creating a mapping table between a MIB variable name and its OID (such as a Python dictionary), can become tedious. Additionally, parsing a PySNMP ObjectType class instance that isn't fully translated to the MIB variable name can make things more complicated.
I've previously written about PySNMP's simpler SNMP query using one-liner command generator as a method to send SNMP queries using an OID. That method allows you to avoid having to compile MIB's that do not come as a default in the PySNMP library. In the next few posts I want to outline how to use PySNMP's high-level API (hlapi) and how to complie any MIB's that may be missing. This will help you use PySNMP in its intended fashion, and using the name of the OID which provides for better readability.
Within this article I will explore PySNMP's hlapi by breaking down it's own quick start 'fetch SNMP variable example. The hlapi was designed to be an easy to use API for as close to a 'one-liner' SNMP query as you can get. The examples in this guide will focus on the synchronous implementation (performing one SNMP task at a time), but there is the capability to implement PySNMP asynchronously if you are looking for increased speed and scalability.