Discovery Issue: SNMP - Classify: 0 OIDs

john_duchock
Kilo Guru

Greetings !!

An interesting discovery issue has arisen in Dublin that i have not seen before.   As we discover a particular router device, we achieve authentication via SNMP community string without a problem, but the OID information returned for classification is...zero OIDs !  

Some facts to note:

- Device is a Cisco 2911 (1.3.6.1.4.1.9.1.1045)

- OID has been added to SNMP OID's and appears on the classifier appropriately

- Device can be walked using MobaXTerm using a particular community string

- Credential settings in ServiceNow have the community string being used before all others (order = 2; all others 90+)

- The fact that i get "SNMP - Classify: 0 OIDs" in the ECC queue tells me that i am at least authenticating...

The (continued) result:

ECC.jpg

Could this be a problem with SNMP v2 vs. SNMP v3?

Will a Eureka upgrade resolve this? (we are upgrading soon)...

Thanks guys !

John

8 REPLIES 8

Hi - generally, these rules are often defined on routers/switches, preventing IP traffic between MID server and the target device.  The network engineers that manage routers know how to open up traffic (remove/change rules that are blocking traffic).   They need the IP of the MID server(s) and IP of the target devices/network.    To be clear, these 'rules' are generally NOT on the MID itself but rather on the network router/switches, hence the network team often is involved in making tweaks to allow traffic from MIDs to do their job.

 

Hope this helps?

Good deal, before I scrolled to answers my first thought was "traffic isn't routing." 

For those that stumble on this and troubleshoot - a suggestion is testing connectivity from the MID itself.

 

Here's how: 

 

  • In a best-case, having login access to the MID Server itself is handy to rule that out quickly - outside of ServiceNow. I.E. Use Putty (if installed) to check SSH and the credentials from the MID, if it fails, the server can't talk to the endpoint on port 22.
  • SNMP is a little trickier to test from windows just because (as far as I know) there are no native tools installed - but tools like SNMP Walk let you run the SNMP commands/queries from a command line. If that fails, also a firewall rule or you can't route from the subnet the MID is on to the endpoint. This gets especially handy to see why a specific data point isn't working as you can test OIDs and response data. 
  • In both cases, it's usually best to engage the responsible network team to validate, but I like to have my ducks in a row from testing to prevent the "it's on your end" default answer that we often get 😁

RAHUL Khanna1
Mega Guru

Any idean how Can I find community string and snmpv2/v3 creds for a router, to discover all the CI present on the network

I am afraid i have always relied on the Infrastructure (Network) team to provide community strings.  The router vendor may have a 'public' string that can be used...