I'm creating new MiB, which includes object groupProcessInfo, which task is to return status of X application processes, where X is substituted with the name of the application.
Each process in MiB is defined like this:
appXState OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "X service"
::= { groupProcessInfo 10 1 }
appXMemUsage OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "X service"
::= { groupProcessInfo 10 2 }
and assigned to object:
groupProcessInfo OBJECT IDENTIFIER ::= { myMIB 1 }
There is a main bash script, which finds out status of processes using utilities or another bash scripts, these scripts takes different amount of time, so when snmpwalk or snmpget, I need to specify larger timeout (-t).
Main bash script is passed to snmpd.conf using command:
pass .1.3.6.1.4.1.x.y.3.10 /etc/snmp/scripts/process.sh
When I try to obtain values of appXState or appXMemUsage using snmpget or snmpgetnext it works and correct value is always returned, but snmpwalk does not work as expected.
When I run this command:
$ snmpwalk -Cp -Ct -v 2c -t 20 -m +MY-MIB -c testing localhost groupProcessInfo
It sometimes returns less variables with traversal time significantly less.
When this happens in trace mode (-D all) the snmpagent returns as last variable SNMPv2-MIB::snmpSetSerialNo.0, which is not in OID tree. This does not happen in runs when all variables from tree are returned correctly.
Trace mode output:
trace: snmp_comstr_parse(): snmp_auth.c, 130:
dumph_recv: SNMP version
dumpx_recv: 02 01 01
dumpv_recv: Integer: 1 (0x01)
trace: snmp_comstr_parse(): snmp_auth.c, 142:
dumph_recv: community string
dumpx_recv: 04 07 74 65 73 74 69 6E 67
dumpv_recv: String: testing
trace: _snmp_parse(): snmp_api.c, 4142:
dumph_recv: PDU
trace: snmp_pdu_parse(): snmp_api.c, 4362:
dumpv_recv: Command RESPONSE
trace: snmp_pdu_parse(): snmp_api.c, 4447:
dumph_recv: request_id
dumpx_recv: 02 04 0E 5E DD 9C
dumpv_recv: Integer: 241098140 (0xE5EDD9C)
trace: snmp_pdu_parse(): snmp_api.c, 4458:
dumph_recv: error status
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
trace: snmp_pdu_parse(): snmp_api.c, 4469:
dumph_recv: error index
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
trace: snmp_pdu_parse(): snmp_api.c, 4487:
dumph_recv: VarBindList
trace: snmp_pdu_parse(): snmp_api.c, 4503:
dumph_recv: VarBind
trace: snmp_parse_var_op(): snmp.c, 164:
dumph_recv: Name
dumpx_recv: 06 0A 2B 06 01 06 03 01 01 06 01 00
dumpv_recv: ObjID: SNMPv2-MIB::snmpSetSerialNo.0
trace: snmp_pdu_parse(): snmp_api.c, 4512:
dumph_recv: Value
dumpx_recv: 02 04 12 55 CB EF
dumpv_recv: Integer: 307612655 (0x1255CBEF)
trace: _sess_process_packet(): snmp_api.c, 5244:
sess_process_packet: received message id#0 reqid#241098140 len 50
trace: snmp_synch_input(): snmp_client.c, 183:
snmp_synch: Response (ReqID: 241098140 - Cmd 162)
Variables found: 11
Total traversal time = 7.302387 seconds
When above command is run using strace utility, when less variables are returned, it acts like all variables were returned and script ended without error.
exit_group(0) = ?
+++ exited with 0 +++
Thank you for your hints.
I managed to fix the problem using only one default public community, one user and one group. The group has to have access to only one view with mutiple definitions of OID subtrees:
com2sec notConfigUser default public
The community is only defined on com2sec line, but nowhere else.
view all included .1.3.6.1.4.1.x.y
view all included .1.3.6.1.4.1.2021
view all included .1 80
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
view systemview included .1.3.6.1.4.1
One view to multiple subtrees are defined, but there are not more views than "all" and "systemview".
access notConfigGroup "" any noauth exact all none none
notConfigGroup has access to "all" view.