A hidden gem – SNMP

Something I had found odd for sometime was a lack of SNMP polling within PowerShell. The tool is so powerful so why can’t we query pesky switches, printer and other IT equipment for small, fast and useful data. Sure we could use one of many available CLI or GUI tools, but plain text/string manipulation is a pain! Well it turns out its hidden in an obscure place, within olePrn.OleSNMP ComObject. I don’t recall where I came across this information originally, but thank you GoogleFu for finding it.

The only information we need to use to make this work: A hostname or IP, read community string and an OID we wish to query.

$SNMP = New-Object -ComObject olePrn.OleSNMP
$snmp.open(‘host’,’community string’,attempts#,timeout(ms))
$snmp.get(‘an oid’)

$SNMP = New-Object -ComObject olePrn.OleSNMP
$snmp.open('192.168.23.201','PowerShellIsCool',2,1000)
$snmp.get('.1.3.6.1.2.1.1.1.0')

On the face of it, this really doesn’t seem that amazing a feature. That is until you’re asked by a colleague to find a way of confirming what SNMP community string matches what host so urgent monitoring additions can be made. You know, when a client has 6 com strings in use, no one has updated the CMDB (or an entry does not exist at all) and a whole heap of other challenges are presented. Trying to test one at a time is a slow process and prone to human error. Enter SNMPofAwesome.ps1

The SNMP object itself has some … challenges. Namely, error handling is basically non-existent, though a combination of try{}catch{} and looking at the Automatic_Variable $error lets us get around thesse limits.

SNMPofAwesome looks in two CSV (I like using CSV’s) for a list of hostnames/IP’s with OID to check (host.csv) and a list of community strings (comstrlist.csv) to iterate through. Once complete, a results CSV will be opened.

# To reduce the amount of red on the screen.
#$ErrorActionPreference = "silentlycontinue"

# Load a SNMP thingy via printer COM Object (yes, printers!!)
$SNMP = New-Object -ComObject olePrn.OleSNMP

# some variables used
$comstr = import-csv .\comstrlist.csv
$hosts = import-csv .\Hosts.csv
$result = @()

## --= Info on above vars =-- ##
# $comstr -- comstr == the community string to test
# $hosts -- host,oid -- .1.3.6.1.2.1.1.1.0 == system description and typically always available
##

# just incase this has been run after some failed attempts...
$error.clear()

foreach ($h in $hosts){
write-host "Testing $($h.host)"
if (Test-Connection $h.host -count 1 -ea 0) {
for ($i = 0;$i -lt ($comstr | measure).count;$i++){
#establish SNMP connection. Unfortunately this does not error :(
$snmp.open($h.host,$comstr[$i].comstr,2,1000)

try {
$snmp.get($h.oid) | out-null
}catch{
$snmp.close()
if ($i -eq ($comstr | measure).count-1) {
# the if () above is checking if all comstr's have been used. If so ends for loop and updates $result
$result += New-Object PsObject -Property ([ordered]@{ Host = $h.host ; Com_str = "No working Community String identified or possible OID error"})
$error.clear()
break
}
} #catch

# If there is an error.. do nothing
if (!$error){
# if there is no error, it worked. Exit the for loop. no need to test further. Record it..
$result += New-Object PsObject -Property ([ordered]@{ Host = $h.host ; Com_str = $comstr[$i].comstr})
break
}
$error.clear()
} #for
}else{
$result += New-Object PsObject -Property ([ordered]@{ Host = $h.host ; Com_str = "Host not found or not responding"})
}
#closes successful connections and clears errors.
$snmp.close()
$error.clear()

}

$result | export-csv -notype .\SNMPOfAwesomeRESULTS.CSV
start '.\SNMPOfAwesomeRESULTS.CSV'

Of interest, you can also perform a walk using .gettree()

PS C:\Users\richo> $snmp.gettree('.1.3.6.1.2.1.1.1')
system.sysDescr.0
Linux linuxtest 3.13.0-128-generic #177-Ubuntu SMP Tue Aug 8 11:41:08 UTC 2017 i686