There's a "hidden" Cisco ASA CLI command in order to retrieve the SNMP MIB OID info without performing an SNMP walk from a remote server/NMS. The Management Information Base (MIB) is the hierarchical (tree) structure of the SNMP Object Identifier (OID). OID is the long code string or numbers separated by dots. It uniquely identifies an SNMP managed object such as a device interface, CPU, memory, bandwidth/traffic stats, etc.
I had a high CPU alarm in our NMS but there was no high CPU when checked. It was later found out the NMS didn't support the new Firepower ASA platform using multiple Core CPU, so it needed to update its MIB OID database.
FPR2100# show cpu core all
Core 5 sec 1 min 5 min
Core 0 1.4% 0.8% 0.7%
Core 1 0.2% 0.2% 0.2%
Core 2 0.2% 0.2% 0.2%
Core 3 0.2% 0.2% 0.2%
Core 4 0.2% 0.2% 0.2%
Core 5 0.2% 0.2% 0.2%
Core 6 0.2% 0.2% 0.2%
Core 7 0.2% 0.2% 0.2%
Core 8 0.2% 0.2% 0.2%
Core 9 0.2% 0.2% 0.2%
Core 10 0.2% 0.2% 0.2%
Core 11 1.0% 0.6% 0.5%
Core 12 0.2% 0.2% 0.2%
Core 13 0.2% 0.2% 0.2%
Core 14 0.2% 0.2% 0.2%
Core 15 0.2% 0.2% 0.2%
Core 16 0.2% 0.2% 0.2%
Core 17 0.2% 0.2% 0.2%
Core 18 0.2% 0.2% 0.2%
Core 19 0.2% 0.2% 0.2%
Core 20 0.2% 0.2% 0.2%
Core 21 0.2% 0.2% 0.2%
The output below came a Cisco ASA5515-X firewall. You'll need to run this command in the admin context if the ASA is in Multiple Context mode.
ciscoasa# show snmp-server ?
engineID Show snmp engineID
group Show snmp groups
host Show snmp host's
statistics Show snmp-server statistics
user Show snmp users
ciscoasa# show snmp-server oidlist ? // IT'S A HIDDEN CLI COMMAND
ERROR: % Unrecognized command
ciscoasa# show snmp-server oidlist
-------------------------------------------------
[0] 1.3.6.1.2.1.1.1. sysDescr
[1] 1.3.6.1.2.1.1.2. sysObjectID
[2] 1.3.6.1.2.1.1.3. sysUpTime
[3] 1.3.6.1.2.1.1.4. sysContact
[4] 1.3.6.1.2.1.1.5. sysName
[5] 1.3.6.1.2.1.1.6. sysLocation
[6] 1.3.6.1.2.1.1.7. sysServices
[7] 1.3.6.1.2.1.1.8. sysORLastChange
[8] 1.3.6.1.2.1.1.9.1.2. sysORID
[9] 1.3.6.1.2.1.1.9.1.3. sysORDescr
[10] 1.3.6.1.2.1.1.9.1.4. sysORUpTime
[11] 1.3.6.1.2.1.2.1. ifNumber
[12] 1.3.6.1.2.1.2.2.1.1. ifIndex
[13] 1.3.6.1.2.1.2.2.1.2. ifDescr
[14] 1.3.6.1.2.1.2.2.1.3. ifType
[15] 1.3.6.1.2.1.2.2.1.4. ifMtu
[16] 1.3.6.1.2.1.2.2.1.5. ifSpeed
[17] 1.3.6.1.2.1.2.2.1.6. ifPhysAddress
[18] 1.3.6.1.2.1.2.2.1.7. ifAdminStatus
[19] 1.3.6.1.2.1.2.2.1.8. ifOperStatus
[20] 1.3.6.1.2.1.2.2.1.9. ifLastChange
[21] 1.3.6.1.2.1.2.2.1.10. ifInOctets
[22] 1.3.6.1.2.1.2.2.1.11. ifInUcastPkts
<--- More --->
<OUTPUT TRUNCATED>
[1002] 1.3.6.1.6.3.15.1.2.2.1.3. usmUserSecurityName
[1003] 1.3.6.1.6.3.15.1.2.2.1.4. usmUserCloneFrom
[1004] 1.3.6.1.6.3.15.1.2.2.1.5. usmUserAuthProtocol
[1005] 1.3.6.1.6.3.15.1.2.2.1.6. usmUserAuthKeyChange
[1006] 1.3.6.1.6.3.15.1.2.2.1.7. usmUserOwnAuthKeyChange
[1007] 1.3.6.1.6.3.15.1.2.2.1.8. usmUserPrivProtocol
[1008] 1.3.6.1.6.3.15.1.2.2.1.9. usmUserPrivKeyChange
[1009] 1.3.6.1.6.3.15.1.2.2.1.10. usmUserOwnPrivKeyChange
[1010] 1.3.6.1.6.3.15.1.2.2.1.11. usmUserPublic
[1011] 1.3.6.1.6.3.15.1.2.2.1.12. usmUserStorageType
[1012] 1.3.6.1.6.3.15.1.2.2.1.13. usmUserStatus
[1013] 1.3.6.1.6.3.16.1.2.1.3. vacmGroupName
[1014] 1.3.6.1.6.3.16.1.2.1.4. vacmSecurityToGroupStorageType
[1015] 1.3.6.1.6.3.16.1.2.1.5. vacmSecurityToGroupStatus
-------------------------------------------------
No comments:
Post a Comment