.\"/***********************************************************
.\" 	Copyright 1988, 1989 by Carnegie Mellon University
.\" 
.\"                       All Rights Reserved
.\" 
.\" Permission to use, copy, modify, and distribute this software and its 
.\" documentation for any purpose and without fee is hereby granted, 
.\" provided that the above copyright notice appear in all copies and that
.\" both that copyright notice and this permission notice appear in 
.\" supporting documentation, and that the name of CMU not be
.\" used in advertising or publicity pertaining to distribution of the
.\" software without specific, written prior permission.  
.\" 
.\" CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
.\" ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
.\" CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
.\" ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
.\" WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
.\" ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
.\" SOFTWARE.
.\" ******************************************************************/
.TH SNMPCMD 1 "28 Mar 2001"
.UC 4
.SH NAME
snmpcmd - commmands to communicate with a network entity using SNMP Requests.
.SH SYNOPSIS
snmpcmd
[-h|-H|-V]
.br
[-v (1 | 2c | 3) ]
.br
[-O <OUTOPTS> ] [-I <INOPTS> ]
.br
[-P <PARSEROPTS> ]
.br
[-m mibs] [-M mibdirs]
.br
[-d] [-D <TOKEN[,TOKEN,...]> ]
.br
[-r retries] [-t timeout] [-p port] [-T UDP|TCP]
.br
[-c community]
.br
[-e engineid] [-Z boots time] [-n contextname]
.br
[-l seclevel] [-u secname]
.br
[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]
.br
agent [community]
commandparams
.SH DESCRIPTION
This manual page describes the common part of the parameters for
the SNMP commands:
.IR snmpbulkget ,
.IR snmpbulkwalk ,
.IR snmpdelta ,
.IR snmpget ,
.IR snmpgetnext ,
.IR snmpnetstat ,
.IR snmpset ,
.IR snmpstatus ,
.IR snmptable ,
.IR snmptest ,
.IR snmptrap ,
.IR snmpusm ,
.IR snmpwalk .
The command line applications use the SNMP protocol to communicate
with an SNMP capable network entity, an agent.
The applications may provide additional
.IR commandparams
that are specified after the
.IR agent
and authentication controls specified here.
.IP "-h"
prints the applications help message
.IP "-H"
display the configuration file directives understood be the command
.IP "-V"
prints the applications version string
.IP "-v 1 | 2c | 3"
specifies the protocol version to use: 1 (RFC 1155-1157), 2c (RFC 1901-1908),
or 3 (RFC 2571-2574)
The default is -v 1
.IP "-P wWecduR"
specifies MIB parsing options. See MIB PARSING OPTIONS below.
.IP "-O nEebqfsSvXT"
specifies output printing options. See OUTPUT OPTIONS below.
.IP "-I Rbr"
specifies input parsing options. See INPUT OPTIONS below.
.IP "-m mibs"
specifies a colon separated list of MIB modules to load for this application.
This overrides the environment variable MIBS.
.br
The special keyword "all" is used to specify all modules in all directories
when searching for MIB files.
Every file whose name does not begin with "."
will be parsed as if it were a MIB file.
.IP "-M mibdirs"
specifies a colon separated list of directories to search for MIBs.
This overrides the environment variable MIBDIRS.
.IP "-d"
request the application to dump all SNMP packets sent and received
.IP "-D <TOKEN[,TOKEN,...]> "
request debugging output.  The comma separated TOKENs list
specifies what type of debugging information you which to view.  Only
debugging information about those TOKEN types will be shown to you.
Only the beginning of the token needs to match.  In other words,
specifying 
.B -DmibII
will print debugging output for debugging symbols
.I mibII
as well as 
.I mibII/system.
.IP
The special keyword "all" will display all debugging
output.
.IP
The special keyword "trace" will display source code tracing output.
.IP "-r retries"
specifies the number of retries to be used in the requests. The default
is 5.
.IP "-t timeout"
specifies the timeout between retries. The default is 1.
.IP "-p port"
specifies the port to communicate with at the agent. The default is 161,
except for snmptrap, which defaults to 162.
.IP "-T UDP|TCP"
specifies the transport type to use.  By default, UDP is used unless
TCP is specified here.
.IP "-c community"
specifies the v1/v2c community for the transaction.
.IP "-e engineid"
sets the authoritative(security) engineID used for SNMP v3 Request messages.
This is the engineID of the agent or proxy (e.g., 800000020109840301). (will 
be discovered if not supplied)
.IP "-E engineid"
sets the context engineID used for SNMP v3 Request messages scopedPdu.
This is the engineID of the agent (e.g., 800000020109840301). (will be
authoritative engineID if not specified)
.IP "-Z boots,time"
sets the engineBoots and engineTime used for authenticated SNMP v3 messages.
This will initialize the local notion of the agents boots/time with an
authenticated value stored in the LCD. (will be discovered if not supplied)
.IP "-n contextname"
sets the destination contextName used for SNMP v3 messages. Default 
contextName is the empty string "".
.IP "-l seclevel"
sets the securityLevel used for SNMP v3 messages 
(noAuthNoPriv|authNoPriv|authPriv). Appropriate pass phrase(s) must provided
when using any level higher than noAuthNoPriv.
.IP "-u secname"
sets the securityName used for authenticated SNMP v3 messages.
.IP "-a authproto"
sets the authentication protocol (MD5|SHA) used for authenticated SNMP v3 messages.
.IP "-A authpasswd"
sets the authentication pass phrase used for authenticated SNMP v3 messages.
.IP "-x privproto"
sets the privacy protocol (DES) used for encrypted SNMP v3 messages.
.IP "-X privpasswd"
sets the privacy pass phrase used for encrypted SNMP v3 messages.
.PP
The
.I agent
specification may be either a host name or an internet address
specified in "dot notation".
.PP
The version 1, or version 2c,
.I community
specifies the community name for the transaction with the remote system.
If a \fIsnmp.conf\fR file specifies a \fIdefCommunity\fR this is not a
positional parameter. You should use the \fI-c community\fR form anyway.
.PP
.SH "MIB PARSING OPTIONS"
The UCD parser mostly adheres to
the Structure of Management Information (SMI).
As that specification has changed through time,
and in recognition of the
diversity in compliance expressed in MIB files, 
additional options provide more flexibility in reading MIB files.
.IP "-Pw"
Show some warning messages in resolving the MIB files.
Can be also set with the configuration token "mibWarningLevel".
.IP "-PW"
Show additional warning messages.
Can be also set with the configuration token "mibWarningLevel".
.IP "-Pe"
Don't show MIB errors.
Can be also set with the configuration token "showMibErrors".
.IP "-Pc"
Allow ASN.1 comment to extend to the end of the MIB source line.
This overcomes some problems with manually maintained MIB files.
Can be also set with the configuration token "strictCommentTerm".
.IP "-Pd"
Collect the DESCRIPTION information into the parsed hierarchy.
This increases the memory used by the size of each DESCRIPTION clause.
.IP "-Pu"
Allow underline characters in symbols.
Can be also set with the configuration token "mibAllowUnderline".
.IP "-PR"
Replace MIB objects using the last read MIB file.
WARNING: Setting this option may result in an incorrect hierarchy.
Can be also set with the configuration token "mibReplaceWithLatest".
.PP
.SH "OUTPUT OPTIONS"
Output display can be controlled by passing various parameters to the
-O flag.  The following examples should demonstrate this.
.PP
The default output looks as follows:
.br
snmpget -c public localhost system.sysUpTime.0
.br
system.sysUpTime.0 = Timeticks: (14096763) 1 day, 15:09:27.63        
.IP -Oq
removes the equal sign and type information,
.br
system.sysUpTime.0 1:15:09:27.63
.IP -Of
gives you the complete OID
.br
 .iso.org.dod.internet.mgmt.mib-2.system.sysUpTime.0 = Timeticks: (14096763) 1 day, 15:09:27.63
.IP -Os
deletes all by the last symbolic part of the OID
.br
sysUpTime.0 = Timeticks: (14096763) 1 day, 15:09:27.63
.IP -OS
is a variant of this, adding the name of the MIB that defined this
object
.br
SNMPv2-MIB::sysUpTime.0 = Timeticks: (14096763) 1 day, 15:09:27.63
.IP -On
prints the OID numerically
.br
snmpget -On -c public localhost system.sysUpTime.0
.br
 .1.3.6.1.2.1.1.3.0 = Timeticks: (14096763) 1 day, 15:09:27.63
.IP -Oe
removes the symbolic labels from enumerations:
.br
snmpget -c public localhost ip.ipForwarding.0
.br
ip.ipForwarding.0 = forwarding(1)
.br
snmpget -c public -Oe localhost ip.ipForwarding.0
.br
ip.ipForwarding.0 = 1
.IP -Ob
When OIDs contain a index to a table,
they are broken into the displayable pieces and shown to you.  For
example the oid vacmSecurityModel.0.3.119.101.115 is nicely broken
down by default and the string hidden in the oid is shown to you as
vacmSecurityModel.0."wes".
The -Ob option diables this feature and displays it as
vacmSecurityModel.0.3.119.101.115 again.
.IP -OE
This modifies the index strings to include a \\ to escape the quotes,
to allow them to be reused in shell commands, such as
vacmSecurityModel.0.\\"wes\\"
.IP -OX
This modifies the output of index oids, to look more "program like".
If you take an entry from the IPV6-MIB::ipv6RouteTable, it is indexed with
an IPv6 address and two integers, and if you are used to IPv6 addresses
you will know that decimal oids are not the preferred notation. Compare
.br
$ snmpgetnext -OS host IPV6-MIB:ipv6RouteTable
.br
IPV6-MIB::ipv6RouteIfIndex.63.254.1.0.255.0.0.0.0.0.0.0.0.0.0.0.64.1 = 2
.br
$ snmpgetnext -OSX host IPV6-MIB:ipv6RouteTable
.br
IPV6-MIB::ipv6RouteIfIndex[3ffe:100:ff00:0:0:0:0:0][64][1] = 2
.IP -OT
If hexadecimal code is printed, this will also print any printable
characters after the hexadecimal codes.
.IP -Ov
Output only the variable value, not the OID:
.br
snmpget -c public -Ov localhost ip.ipForwarding.0
.br
forwarding(1)
.IP -Ot
Output timeticks values as raw numbers.
.br
$ snmpget -Ot -c public localhost system.sysUpTime.0
system.sysUpTime.0 = 206996857
.PP
Note that most of these options can be turned on or off by default by
tuning the snmp.conf file.  See the snmp.conf(5) manual page for
details.
.SH "INPUT OPTIONS"
The -I flag specifies various options that control how your input to
the program is parsed.  By default, all input parsing methods are
used: First the oid is parsed regularly, then -IR is used, then -Ib
is used, unless one of the following flags is specified which will
force it to only use one method.
.IP -IR
The -IR flag specifies random access lookup, so that if the entire OID 
path is not specified, it will search for a node in the mib tree with
your name.  Normally, you'd have to specify the vacmSecurityModel oid
above as
 .iso.org.dod.internet.snmpV2.snmpModules.snmpVacmMIB.vacmMIBObjects.vacmSecurityToGroupTable.vacmSecurityToGroupEntry.vacmSecurityModel.0."wes", 
but the use of the -IR flag allows you to shorten that to just
vacmSecurityModel.0."wes".
.IP
Additionally, see the RANDOM ACCESS MIBS section below.
.IP -Ib
The -Ib flag indicates that the expression you gave it is actually a
regular expression that should be used to search for the best match
possible in the mib tree.  This would allow you to specify the node
vacmSecurityModel MIB node as something as generic as
vacmsecuritymodel (since case insensitive searches are done) or
vacm.*model.  Note that multiple matches are obviously possible (.*
matches everything), and the best result is currently calculated as
the one that matches the closest to the beginning of the node name and
the highest in the tree.  A current side effect of this option is that 
you can't specify indexes or multiple nodes, since the '.' is treated
as part of the regular expression.
.IP -Ir
By default, indices into tables and values to be assigned to objects
are checked against range and type specified in the MIB.
The -Ir flag disables this check.
This flag is mostly useful when you are testing an agent.
For normal operation it is useful to get your requests checked
before they are sent to the remote agent (the diagnostic
that the library can provide is also much more precise).
.SH "RANDOM ACCESS MIBS"
Normally, an object identifier such as system.sysDescr.0 will be
lookup in a single "wellknown" place, built into the SNMP library (or
specified by the PREFIX environment variable).  The standard place
is: .iso.org.dod.internet.mgmt.mib-2.  The identifier may alternatively be
a complete object identifier, this is designated by a leading "dot".
To simplify the specification of object identifiers the library
supports random access to the identifiers in the MIBs. This is
requested by the -IR option to the SNMP applications.  Additionally,
-Os prints oids in this manner.  Using this, system.sysDescr.0 may
also be entered as sysDescr.0.  To search only a single MIB for the
identifier (if it appears in more than one), specify it as
SNMPv2-MIB::sysDescr.0. (use -OS to print output oids in this
manner). This notation will also make sure that the specified MIB is
loaded, i.e. it need not be mentioned in the -m option (or MIBS
environment variable).
.SH "ENVIRONMENT VARIABLES"
.IP PREFIX
The standard prefix for object identifiers.
Defaults to .iso.org.dod.internet.mgmt.mib-2
.IP MIBS
The list of MIBs to load. Defaults to
SNMPv2-TC:SNMPv2-MIB:IF-MIB:IP-MIB:TCP-MIB:UDP-MIB:SNMP-VACM-MIB.
Overridden by the -m option
.IP MIBDIRS
The list of directories to search for MIBs. Defaults to PREFIX/share/snmp/mibs.
Overridden by the -M option
.IP SUFFIX
If this variable is set, the applications acts as if the -s option is specified.
.SH FILES
.IP PREFIX/share/snmp/snmpd.conf
Agent configuration file. See snmpd.conf(5)
.IP PREFIX/share/snmp/snmp.conf
.IP ~/.snmp/snmp.conf
Application configuration files. See snmp.conf(5)
.SH "SEE ALSO"
snmpget(1), snmpgetnext(1), snmpset(1),
snmpbulkget(1), snmpbulkwalk(1), snmpwalk(1),
snmptable(1), snmpnetstat(1), snmpdelta(1), snmptrap(1), snmpinform(1),
snmpusm(1), snmpstatus(1), snmptest(1),
snmp.conf(5).