I'm not sure you are hitting the correct OID.
I think what you want to do is snmpwalk.
snmp trap is something the device sends you.
<snip sorry>
In my environment the access layer devices are just layer 2 devices.
So I can't get from ip -> port number.
I keep a history of ip -> mac addresses
I run an old tool called arpwatch.
ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
It it builds three files:
first.txt ## this keeps track when it first saw a mac address.
current.txt ##this shows the ip/mac it saw on the last run
history.txt ##this show the hist of a mac address over time.
head history.txt
20091210/08:27 10.3.2.4 00:04:4E:60:C0:54
20111025/00:30 10.3.2.3 00:0F:CB:A1:80:ED
20100913/16:30 10.3.2.3 00:0F:CB:A1:80:ED
20110623/12:30 10.3.2.5 00:14:22:F3:EC:45
20091210/08:27 10.3.2.3 00:14:7C:4B:0C:00
>>>snip...
I then have to harvest cam tables from the switches and map to this data.
I need the port they are on really fast. (rouge DHCP, dup address, etc)
#!/usr/bin/perl -w use strict; ## sweep.pl ## program havest ethernet cam tables from a list switches contained ## in files in $switch_file_dir ## rev 1.1 ## 1.1 changes the ouput file, and fixes it to append, adds grep examp +le ## this line left blank #### # modules use Parallel::ForkManager; ### # global varibles my $rev = "1.1"; my $count=0; my $debug = 1; my $answer = "n"; my $switch_num_input =""; my @switchfiles_array = (); my $directory = "Data"; # directory for output my $max =50; # number of concurrent processes my %port_count_hash; my @bridgetable; ## switchfile is just a list of switches ## each building has a file in the dir Switchfiles/ ## building14 building 15... # witch the snmp read string ## switchfile example ## 192.168.1.10 public ## 192.168.1.15 public #get the list of switchfiles while ($answer =~ /^n/i ) { $count=0; @switchfiles_array =<Switchfiles/*>; &draw_line; &print_switchfiles (@switchfiles_array); &draw_line; print "(ver$rev)"; print "\t enter number?: "; chomp($switch_num_input = <STDIN>); print "\n\n"; die "please enter a number\n\n\n" unless $switch_num_input =~/\d+$ +/; die "number doesn't exist\n\n\n" unless $switchfiles_array[$switch +_num_input]; my $file_check = &remove_dir($switchfiles_array[$switch_num_input] +); print "\t\t-----> $file_check\n\n\n"; print "(y/n) ?: "; $answer = <STDIN>; } mkdir $directory, 0700 unless (-d "$directory"); &erase_directory ($directory); unlink "ether.txt"; my $switch_file = <$switchfiles_array[$switch_num_input]>; open FH , $switch_file; my @switch_file_lines = <FH>; close FH; print""; my $pm = new Parallel::ForkManager($max); $pm->run_on_finish( sub { my ($pid, $exit_code, $ident) = @_; } ); $pm->run_on_wait( sub { print "please hold....\n"; } ); foreach my $child(0..$#switch_file_lines) { my $pid=$pm->start($switch_file_lines[$child]) and next; #this co +de is the child process my $switches_line = $switch_file_lines[$child]; my @lines_array = split /\s+/, $switches_line; my $ip = $lines_array[0]; my $community = $lines_array[1]; my @bridgetable = `snmpwalk -Cc -c $community -v 1 $ip .1.3.6.1.2. +1.17.4.3.1.2`; # number of macs on each port foreach (@bridgetable) { chomp; my @bt_array = split /[\. ]/,$_; $port_count_hash{$bt_array[14]}++; } open(SWEEP_OUT,">>$directory/$ip"); foreach (@bridgetable) { my @bt_array = split /[\. ]/,$_; my $port_number = $bt_array[14]; printf SWEEP_OUT "%02x%02x%02x%02x%02x%02x",$bt_array[6],$bt_a +rray[7],$bt_array[8],$bt_array[9],$bt_array[10],$bt_array[11]; print SWEEP_OUT " $ip/$port_number" , " $port_count_hash{$port +_number} \n"; } $pm->finish($child) } print "child leaving pool\n"; $pm->wait_all_children; print "all child proccesses done.\n"; my @files = <$directory/*>; open SWEEP_OUT, ">>ether.txt"; foreach (@files){ open SWITCH_FH,"<$_"; my @all_lines = <SWITCH_FH>; foreach (@all_lines) { print SWEEP_OUT $_; } } &draw_line; print " \t You can search the file \"ether.txt\" with the command \"gr +ep\" \n"; print " \t Ethernet addresses are formatted like c42c032225a9\n"; print " \t example: grep 2225a9 ether.txt"; &draw_line; ######################## # subs sub remove_dir { $_ = shift @_; $_=~/^\S*\/(.*)/; # set after dir to $1 $_=$1; # remove leading dir without looking anything up :) + } sub draw_line { print "\n"; print "=" x60; print "\n"; } sub print_switchfiles { my @switchfiles_array = @_; foreach (@switchfiles_array) { $_ = &remove_dir ($_); print"$count. $_\n"; $count++; } } sub erase_directory { my $directory = shift @_; my @files = <$directory/*>; foreach (@files){ unlink "$_"; } }
This is all based on the standard mib tree so depending on what you were after, this could work for you too.
Good luck, Rob
In reply to Re: SNMP Trap
by williams554
in thread SNMP Trap
by Leeon
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |