Splunk Lantern

SNMP data

Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring and managing devices on an IP network, such as routers, switches, servers, printers, and other networked devices. SNMP data refers to the information exchanged between an SNMP manager (a central system) and SNMP agents (software running on the managed devices) to monitor device performance, track network activity, and manage network configurations. It is retrieved by polling (the manager sends periodic Get, GetNext, or GetBulk requests, normally to UDP port 161 on the agent) or received as traps and informs (event-driven notifications the agent sends to the manager, normally on UDP port 162). SNMP data is also used in analytics dashboards to identify trends or bottlenecks, and it provides device metadata for asset tracking.

SNMPv1 and SNMPv2c authenticate each request with a community string that is sent in clear text, so anyone who can capture the traffic can read it and reuse it, and the common defaults (public for read-only, private for read-write) are frequently left unchanged. Neither version provides integrity protection or encryption. SNMPv3 replaces community strings with the User-based Security Model, which adds per-user authentication (HMAC-based, with timeliness checks against replay) and optional encryption of the PDU. Its security levels are noAuthNoPriv, authNoPriv, and authPriv; only authPriv gives both authenticated and encrypted data exchange, and it is the level to require wherever the devices support it.

This data is organized in a Management Information Base (MIB), a hierarchical tree of objects, each identified by an object identifier (OID), that can be queried or, for writable objects, set. For example, sysDescr.0 (OID 1.3.6.1.2.1.1.1.0) holds the system description and sysUpTime.0 (OID 1.3.6.1.2.1.1.3.0) holds the uptime in hundredths of a second.
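As an added example (not code from Splunk Lantern or from any SNMP library), the following Python script encodes an SNMPv2c GetRequest for sysDescr.0 and sysUpTime.0 and the agent's Response, decodes them back into the fields described above (version, community, PDU type, request ID, and OID/value pairs), and flags v1/v2c packets whose community string is readable on the wire. The packet bytes are constructed by the script itself rather than captured, the list of default community strings is an assumption, and SNMPv3 messages are only recognised by their version number, not parsed.

```python
"""Minimal SNMPv1/v2c BER codec plus a community-string audit (added example).

All packet bytes are constructed here with build_message(); none are captured
from a real device. DEFAULT_COMMUNITIES is an assumption about what to flag.
"""

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest",
             0xA7: "SNMPv2-Trap"}
DEFAULT_COMMUNITIES = {"public", "private"}   # assumption: vendor defaults worth flagging


# ---- BER encoding, just enough for SNMP messages ----
def _ber_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _tlv(tag, body):
    return bytes([tag]) + _ber_len(len(body)) + body

def _int_body(v):   # minimal-length two's-complement integer content
    return v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True)

def _oid(oid):      # dotted OID -> BER OBJECT IDENTIFIER (first two arcs packed as 40*a+b)
    arcs = [int(a) for a in oid.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append((a & 0x7F) | 0x80)
            a >>= 7
        out += bytes(reversed(chunk))
    return _tlv(0x06, bytes(out))

def build_message(version, community, pdu_tag, request_id, varbinds):
    """version 0=v1, 1=v2c; varbinds: list of (oid, BER-encoded value), b'\\x05\\x00' is NULL."""
    vbl = b"".join(_tlv(0x30, _oid(o) + v) for o, v in varbinds)
    pdu = _tlv(pdu_tag, _tlv(0x02, _int_body(request_id)) + _tlv(0x02, b"\x00") * 2  # error-status, error-index
               + _tlv(0x30, vbl))
    return _tlv(0x30, _tlv(0x02, _int_body(version)) + _tlv(0x04, community.encode()) + pdu)


# ---- BER decoding ----
def _read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                   # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _dec_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def _dec_value(tag, body):
    if tag == 0x05: return None                                          # NULL (request placeholder)
    if tag == 0x02: return int.from_bytes(body, "big", signed=True)      # INTEGER
    if tag in (0x41, 0x42, 0x43): return int.from_bytes(body, "big")     # Counter32/Gauge32/TimeTicks
    if tag == 0x04: return body.decode("utf-8", "replace")               # OCTET STRING
    if tag == 0x06: return _dec_oid(body)
    return body.hex()

def parse_message(buf):
    """Decode an SNMPv1/v2c message; an SNMPv3 message is reported by version only."""
    _, msg, _ = _read_tlv(buf, 0)
    _, ver_b, pos = _read_tlv(msg, 0)
    version = int.from_bytes(ver_b, "big", signed=True)
    if version == 3:   # v3 carries a USM header instead of a community string; not parsed here
        return {"version": 3, "community": None, "pdu": None, "varbinds": []}
    _, comm_b, pos = _read_tlv(msg, pos)
    pdu_tag, pdu, _ = _read_tlv(msg, pos)
    _, rid, p = _read_tlv(pdu, 0)
    _, _, p = _read_tlv(pdu, p)   # error-status
    _, _, p = _read_tlv(pdu, p)   # error-index
    _, vbl, _ = _read_tlv(pdu, p)
    varbinds, q = [], 0
    while q < len(vbl):
        _, vb, q = _read_tlv(vbl, q)
        _, oid_b, r = _read_tlv(vb, 0)
        vtag, val_b, _ = _read_tlv(vb, r)
        varbinds.append((_dec_oid(oid_b), _dec_value(vtag, val_b)))
    return {"version": version, "community": comm_b.decode("utf-8", "replace"),
            "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)),
            "request_id": int.from_bytes(rid, "big", signed=True), "varbinds": varbinds}

def audit(packets):
    """Flag v1/v2c packets: their community string is readable by anyone on the path."""
    findings = []
    for pkt in packets:
        m = parse_message(pkt)
        if m["version"] in (0, 1):
            findings.append({"version": "v1" if m["version"] == 0 else "v2c",
                             "community": m["community"],
                             "default": m["community"] in DEFAULT_COMMUNITIES})
    return findings


# Constructed sample exchange: manager polls sysDescr.0 and sysUpTime.0, agent answers.
SYS_DESCR, SYS_UPTIME = "1.3.6.1.2.1.1.1.0", "1.3.6.1.2.1.1.3.0"
POLL = build_message(1, "public", 0xA0, 4660, [(SYS_DESCR, b"\x05\x00"), (SYS_UPTIME, b"\x05\x00")])
REPLY = build_message(1, "public", 0xA2, 4660, [
    (SYS_DESCR, _tlv(0x04, b"Linux router1 5.10.0")),
    (SYS_UPTIME, _tlv(0x43, _int_body(123456)))])     # TimeTicks: 1234.56 s of uptime

if __name__ == "__main__":
    print(POLL.hex())            # the bytes 7075626c6963 ("public") sit in the clear
    print(parse_message(REPLY))
    print(audit([POLL, REPLY]))
```

The same parse_message() can be pointed at a UDP capture of port 161/162 traffic to see exactly what a passive attacker sees; any finding with `"default": True` from audit() is a device that should be moved to SNMPv3 authPriv or at least given a unique community string and an ACL on the agent.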

SNMP data typically includes:

  • Device identification and configuration: These include basic details about the device or system
    • System name
    • System description
    • System uptime
    • Device IP address
    • Hardware or firmware version
    • Location
  • Network interface metrics: These describe the status and performance of network interfaces
    • Interface status
    • Interface speed
    • Bytes sent/received
    • Packet errors
    • Interface MAC address
  • Device performance metrics: These metrics provide insights into device performance
    • CPU utilization
    • Memory usage
    • Disk space usage
    • Temperature
    • Fan status
  • Network traffic and bandwidth: These metrics monitor data flow through the network
    • Inbound and outbound traffic
    • Dropped packets
    • Connection counts
    • Bandwidth utilization
  • Event and alert data: These are logs or notifications about device status or issues
    • Trap notifications
    • Error logs
    • Critical events
    • Power supply alerts
  • Security and access information: These include details about access control and security on the device and on the SNMP service itself
    • Authentication attempts (for example, the MIB-II counter snmpInBadCommunityNames, which counts requests rejected for a wrong community string)
    • Access control list (ACL) details
    • Encryption status