SNMP Receiver
Telegen’s SNMP receiver collects metrics from network devices, storage systems, and other SNMP-enabled infrastructure.
Overview
The SNMP receiver supports:
SNMP v1, v2c, v3 - All protocol versions
Polling and Traps - Both collection modes
Standard MIBs - IF-MIB, HOST-RESOURCES-MIB, etc.
Custom MIBs - Load vendor-specific MIBs
Auto-discovery - Find SNMP devices on your network
Architecture
flowchart LR
subgraph Devices["Network Devices"]
SW["Switches"]
RT["Routers"]
UPS["UPS"]
end
subgraph Telegen["Telegen Collector"]
P["SNMP Poller"]
T["Trap Receiver"]
M["MIB Resolver"]
C["Metric Converter"]
end
SW -->|"SNMP Poll"| P
RT -->|"SNMP Poll"| P
UPS -->|"Traps"| T
P --> M
T --> M
M --> C
C -->|"OTLP"| O["OTel Collector"]
Configuration
Basic SNMP v2c
telegen:
mode: collector
otlp:
endpoint: "otel-collector:4317"
collector:
snmp:
enabled: true
poll_interval: 60s
timeout: 10s
retries: 3
targets:
- name: "core-switch-01"
address: "10.0.1.1:161"
version: "v2c"
community: "public"
modules:
- if_mib
- entity_mib
labels:
location: "dc1-rack1"
role: "core"
SNMP v3 (Secure)
collector:
snmp:
targets:
- name: "secure-router"
address: "10.0.1.10:161"
version: "v3"
security:
user: "monitor"
security_level: "authPriv"
auth_protocol: "SHA256"
auth_password: "${SNMP_AUTH_PASSWORD}"
priv_protocol: "AES256"
priv_password: "${SNMP_PRIV_PASSWORD}"
modules:
- if_mib
- bgp4_mib
Security Levels
Level |
Authentication |
Privacy |
|---|---|---|
|
❌ |
❌ |
|
✅ |
❌ |
|
✅ |
✅ |
Auth/Priv Protocols
Auth Protocol |
Description |
|---|---|
|
MD5 (legacy, not recommended) |
|
SHA-1 |
|
SHA-224 |
|
SHA-256 (recommended) |
|
SHA-384 |
|
SHA-512 |
Priv Protocol |
Description |
|---|---|
|
DES (legacy, not recommended) |
|
AES-128 |
|
AES-192 |
|
AES-256 (recommended) |
Standard MIB Modules
if_mib (Interface Statistics)
Collects interface metrics from IF-MIB:
modules:
- if_mib
Metrics collected:
Metric |
Description |
|---|---|
|
Bytes received |
|
Bytes transmitted |
|
Unicast packets received |
|
Unicast packets transmitted |
|
Input errors |
|
Output errors |
|
Input discards |
|
Output discards |
|
Operational status (1=up, 2=down) |
|
Interface speed (bps) |
entity_mib (Physical Entities)
modules:
- entity_mib
Metrics collected:
Metric |
Description |
|---|---|
|
Entity name |
|
Entity class (chassis, module, port) |
|
Serial number |
host_resources (Host Information)
modules:
- host_resources
Metrics collected:
Metric |
Description |
|---|---|
|
System uptime |
|
CPU utilization |
|
Storage used |
|
Storage capacity |
|
Memory size |
Vendor-Specific Modules
Cisco
modules:
- cisco_process # CPU/memory statistics
- cisco_envmon # Environmental monitoring
- cisco_flash # Flash memory
Juniper
modules:
- juniper_alarm # System alarms
- juniper_cos # Class of Service
- juniper_firewall # Firewall statistics
Arista
modules:
- arista_hw # Hardware status
- arista_queue # Queue statistics
Custom MIB Modules
Define custom modules for specific OIDs:
collector:
snmp:
custom_modules:
- name: "custom_ups"
walk:
- "1.3.6.1.4.1.318.1.1" # APC enterprise OID
metrics:
- name: "ups_battery_capacity_percent"
oid: "1.3.6.1.4.1.318.1.1.1.2.2.1.0"
type: gauge
help: "UPS battery capacity percentage"
- name: "ups_output_load_percent"
oid: "1.3.6.1.4.1.318.1.1.1.4.2.3.0"
type: gauge
help: "UPS output load percentage"
- name: "ups_runtime_remaining_seconds"
oid: "1.3.6.1.4.1.318.1.1.1.2.2.3.0"
type: gauge
help: "UPS estimated runtime remaining"
- name: "ups_battery_status"
oid: "1.3.6.1.4.1.318.1.1.1.2.1.1.0"
type: gauge
help: "UPS battery status"
enum_values:
1: "unknown"
2: "normal"
3: "low"
4: "in_fault"
Apply Custom Module
collector:
snmp:
targets:
- name: "ups-01"
address: "10.0.2.100:161"
version: "v2c"
community: "public"
modules:
- custom_ups
SNMP Trap Receiver
Receive asynchronous SNMP traps:
collector:
snmp:
trap_receiver:
enabled: true
listen_address: ":162"
# v2c trap communities
community_allowlist:
- "public"
- "traps"
# v3 trap authentication
v3_users:
- user: "trap-sender"
auth_protocol: "SHA256"
auth_password: "${TRAP_AUTH_PASSWORD}"
priv_protocol: "AES256"
priv_password: "${TRAP_PRIV_PASSWORD}"
Trap Events
Traps are converted to OpenTelemetry logs:
{
"timestamp": "2024-01-15T10:30:00Z",
"severity": "WARNING",
"body": "Link down on interface Ethernet1/1",
"attributes": {
"snmp.trap.oid": "1.3.6.1.6.3.1.1.5.3",
"snmp.trap.name": "linkDown",
"snmp.source": "10.0.1.1",
"snmp.if_index": 1001,
"snmp.if_descr": "Ethernet1/1",
"device.name": "core-switch-01"
}
}
Auto-Discovery
Automatically find SNMP devices:
collector:
snmp:
discovery:
enabled: true
interval: 1h
# Networks to scan
networks:
- "10.0.0.0/16"
- "192.168.0.0/24"
# Ports to probe
ports:
- 161
# Communities to try (v2c)
communities:
- "public"
- "private"
# v3 credentials to try
v3_credentials:
- user: "monitor"
auth_protocol: "SHA256"
auth_password: "${SNMP_AUTH}"
# Skip specific addresses
exclude:
- "10.0.0.1"
- "10.0.255.255"
Discovery Results
Discovered devices are logged:
{
"timestamp": "2024-01-15T10:30:00Z",
"severity": "INFO",
"body": "SNMP device discovered: 10.0.1.50",
"attributes": {
"snmp.discovery.address": "10.0.1.50:161",
"snmp.discovery.version": "v2c",
"snmp.discovery.sys_descr": "Cisco IOS Software, C3850...",
"snmp.discovery.sys_name": "access-switch-05"
}
}
Metrics Output
Prometheus Format
# Interface traffic rate
rate(snmp_if_in_octets{device="core-switch-01",interface="Ethernet1/1"}[5m]) * 8
# Interface errors
sum(rate(snmp_if_in_errors[5m])) by (device)
# Interface utilization
(rate(snmp_if_in_octets[5m]) + rate(snmp_if_out_octets[5m])) * 8
/ snmp_if_speed * 100
Labels
All metrics include:
Label |
Description |
|---|---|
|
Target name |
|
SNMP target address |
|
Interface description (for interface metrics) |
|
SNMP interface index |
+ custom labels |
From target configuration |
Performance Tuning
Concurrent Polling
collector:
snmp:
# Max concurrent SNMP requests
max_concurrent: 100
# Bulk request settings
bulk:
enabled: true
max_repetitions: 25
Large Environments
For 1000+ devices:
collector:
snmp:
poll_interval: 120s # Reduce frequency
max_concurrent: 200 # More parallel requests
timeout: 15s # Longer timeout
# Use bulk requests
bulk:
enabled: true
max_repetitions: 50
Example: Complete Network Monitoring
telegen:
mode: collector
service_name: "network-collector"
otlp:
endpoint: "otel-collector:4317"
collector:
snmp:
enabled: true
poll_interval: 60s
timeout: 10s
retries: 3
max_concurrent: 100
targets:
# Core switches
- name: "core-sw-01"
address: "10.0.1.1:161"
version: "v3"
security:
user: "monitor"
security_level: "authPriv"
auth_protocol: "SHA256"
auth_password: "${SNMP_AUTH}"
priv_protocol: "AES256"
priv_password: "${SNMP_PRIV}"
modules: [if_mib, entity_mib, cisco_process]
labels:
tier: "core"
location: "dc1"
# Access switches (many)
- name: "access-sw-*"
addresses:
- "10.0.10.0/24"
version: "v2c"
community: "public"
modules: [if_mib]
labels:
tier: "access"
# UPS systems
- name: "ups-*"
addresses:
- "10.0.20.1"
- "10.0.20.2"
version: "v2c"
community: "private"
modules: [custom_ups]
labels:
device_type: "ups"
trap_receiver:
enabled: true
listen_address: ":162"
Next Steps
Storage Adapters - Storage array monitoring
Collector Mode Configuration - Collector configuration
Network Observability - Network flow analysis