Skip to content
rConfig Documentation

SNMP Polling Implementation

SNMP Polling in rConfig V8 Pro automates collection of device properties and operational data using the Simple Network Management Protocol. This transforms rConfig into a comprehensive network inventory platform, enabling organizations to maintain accurate, up-to-date device information without manual data entry. SNMP data collection happens automatically during device backups, seamlessly integrating inventory management with configuration management workflows.

Understanding SNMP Polling in rConfig

Section titled “Understanding SNMP Polling in rConfig”

What SNMP Polling Provides

Section titled “What SNMP Polling Provides”

Automated inventory maintenance: Device properties update automatically during backups—serial numbers, software versions, hardware models, uptime, and custom data points are captured without administrator intervention.

Real-time visibility: Access current device status and operational metrics without logging into individual devices, accelerating troubleshooting and capacity planning.

Compliance and audit support: Automated collection of asset data provides audit-ready documentation demonstrating version control and asset tracking.

Integration enablement: Collected data exports via API or reports to feed CMDB, ITSM platforms, or analytics tools.

How SNMP Polling Works

Section titled “How SNMP Polling Works”

When rConfig performs device backups, SNMP polling occurs as part of the workflow:

  1. Backup initiates for devices with assigned polling groups
  2. rConfig connects using configured connection profiles and queries defined OIDs
  3. Raw SNMP responses are parsed, applying regex patterns to extract values
  4. Extracted values are stored as device properties
  5. Changes are logged for historical tracking

This integration means SNMP collection happens seamlessly without separate polling schedules.

Step 1: Install PHP SNMP Extension

Section titled “Step 1: Install PHP SNMP Extension”

The PHP SNMP extension is required for all SNMP functionality and must be installed before configuring polling.

CentOS / Rocky Linux

Section titled “CentOS / Rocky Linux”
Terminal window
cd /home
yum -y install wget
wget https://dl.rconfig.com/downloads/php-updates/centos-php8-update.sh -O /home/centos-php8-update.sh
chmod +x centos-php8-update.sh
./centos-php8-update.sh

Verify Installation

Section titled “Verify Installation”

After running the installation script, confirm the SNMP extension is properly loaded:

Terminal window
php -m | grep snmp

You should see snmp in the output. If not, restart services:

Terminal window
systemctl restart nginx php-fpm
# or for Apache:
systemctl restart httpd php-fpm

Step 2: Configure SNMP on Network Devices

Section titled “Step 2: Configure SNMP on Network Devices”

Before rConfig can poll devices, SNMP must be enabled on target devices. Configuration varies by vendor. Please refer to your device documentation for exact commands. Below are examples for common vendors.

Cisco IOS/IOS-XE

Section titled “Cisco IOS/IOS-XE”

SNMPv2c configuration:

Terminal window
snmp-server community YourSecureCommunity RO
access-list 10 permit 10.1.1.10
snmp-server community YourSecureCommunity RO 10
snmp-server location "Data Center A, Rack 15"
snmp-server contact "[email protected]"

SNMPv3 configuration (recommended):

Terminal window
snmp-server group readonly v3 priv read v1default
snmp-server user snmpuser readonly v3 auth sha AuthPassword123 priv aes 128 PrivPassword123
snmp-server location "Data Center A, Rack 15"
snmp-server contact "[email protected]"

Juniper JUNOS

Section titled “Juniper JUNOS”

SNMPv2c:

Terminal window
set snmp community YourSecureCommunity authorization read-only
set snmp community YourSecureCommunity clients 10.1.1.10/32
set snmp location "Data Center A, Rack 15"
set snmp contact "[email protected]"
commit

SNMPv3:

Terminal window
set snmp v3 usm local-engine user snmpuser authentication-sha authentication-password AuthPassword123
set snmp v3 usm local-engine user snmpuser privacy-aes128 privacy-password PrivPassword123
set snmp v3 vacm security-to-group security-model usm security-name snmpuser group readonly
set snmp v3 vacm access group readonly default-context-prefix security-model any security-level privacy read-view all
set snmp view all oid .1 include
commit

Network Access

Section titled “Network Access”

Ensure rConfig can reach devices on:

  • UDP 161 (SNMP queries) - REQUIRED
  • UDP 162 (SNMP traps) - Optional

Test connectivity from rConfig server:

Terminal window
# Install SNMP utilities if needed
# CentOS/RHEL/Rocky/Alma:
yum install net-snmp-utils


# Ubuntu:
apt-get install snmp


# Test SNMPv2c
snmpwalk -v2c -c YourSecureCommunity 192.168.1.1 sysDescr


# Test SNMPv3
snmpwalk -v3 -l authPriv -u snmpuser -a SHA -A AuthPassword123 -x AES -X PrivPassword123 192.168.1.1 sysDescr

Step 3: Create SNMP Connection Profiles

Section titled “Step 3: Create SNMP Connection Profiles”

Connection Profiles store credentials and parameters for SNMP communication. Navigate to Settings → SNMP → Connection Profiles and click Add Connection Profile.

SNMPv2c Profile

Section titled “SNMPv2c Profile”

Configuration:

  • Name: Production-ReadOnly-V2c (descriptive name)
  • SNMP Version: v2c
  • Community String: Your read-only community (e.g., YourSecureCommunity)
  • Timeout: 5-10 seconds (increase for slow devices or high latency)
  • Retries: 3-5 attempts
Section titled “SNMPv3 Profile (Recommended)”

Configuration:

  • Name: Production-ReadOnly-V3
  • SNMP Version: v3
  • Security Level: authPriv (recommended for production)
  • Security Name: SNMP username (e.g., snmpuser)
  • Authentication Protocol: SHA (recommended)
  • Authentication Passphrase: Strong password (8+ characters)
  • Privacy Protocol: AES-128 (recommended)
  • Privacy Passphrase: Strong password (8+ characters)
  • Timeout: 5-10 seconds
  • Retries: 3-5 attempts

Security recommendations:

  • Always use authPriv security level in production
  • Use SHA or stronger for authentication
  • Use AES-128 or higher for encryption
  • Use strong, unique passphrases (12+ characters, mixed case, numbers, symbols)
  • Rotate credentials quarterly

Step 4: Define SNMP OIDs

Section titled “Step 4: Define SNMP OIDs”

OIDs specify what data to collect from devices. Navigate to Settings → SNMP → OID Definitions and click Add OID.

Common Standard OIDs

Section titled “Common Standard OIDs”
OIDNameDescription
1.3.6.1.2.1.1.1.0sysDescrSystem description and version
1.3.6.1.2.1.1.3.0sysUpTimeTime since last reboot
1.3.6.1.2.1.1.4.0sysContactSystem contact
1.3.6.1.2.1.1.5.0sysNameSystem hostname
1.3.6.1.2.1.1.6.0sysLocationPhysical location

Vendor-Specific OID Examples

Section titled “Vendor-Specific OID Examples”

Cisco (1.3.6.1.4.1.9.*):

  • 1.3.6.1.4.1.9.3.6.3.0 - Chassis serial number

Juniper (1.3.6.1.4.1.2636.*):

  • 1.3.6.1.4.1.2636.3.1.3.0 - Serial number

HP/Aruba (1.3.6.1.4.1.11.*):

  • 1.3.6.1.4.1.11.2.36.1.1.5.1.1.3.1 - Serial number

Palo Alto Networks (1.3.6.1.4.1.25461.*):

  • 1.3.6.1.4.1.25461.2.1.2.1.3.0 - Serial number

Creating OID Definitions

Section titled “Creating OID Definitions”

Example: System Description

OID: 1.3.6.1.2.1.1.1.0
Name: sysDescr
Description: System description including hardware model and software version
Regex: (leave empty to capture full output)

Example: Software Version with Regex

OID: 1.3.6.1.2.1.1.1.0
Name: softwareVersion
Description: Extract software version from system description
Regex: /Version\s+([0-9]+\.[0-9]+\.[0-9]+[a-zA-Z0-9]*)/

Regex extracts: 16.12.04 from full output: Cisco IOS Software, C3850 Software (CAT3850-UNIVERSALK9-M), Version 16.12.04, RELEASE SOFTWARE (fc5)

Regex Pattern Guidelines

Section titled “Regex Pattern Guidelines”

Use capture groups: Wrap the value you want in parentheses: /Serial:\s+([A-Z0-9]+)/

Test patterns: Use regex101.com with PHP flavor to validate patterns before deploying

Common patterns:

# Serial number
/Serial Number:\s*([A-Z0-9]+)/i


# IP address
/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/


# Version number
/Version:?\s*([0-9]+\.[0-9]+[0-9.]*)/


# MAC address
/([0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2})/i

Step 5: Create SNMP Polling Groups

Section titled “Step 5: Create SNMP Polling Groups”

Polling Groups link devices, OIDs, and connection profiles. Navigate to Settings → SNMP → Polling Groups and click Add Polling Group.

Example: Cisco Router Group

Section titled “Example: Cisco Router Group”
Name: Cisco-Routers-Production
Description: Standard polling for Cisco IOS/IOS-XE routers
Connection Profile: Production-ReadOnly-V2c
OIDs:
  - sysDescr
  - sysUpTime
  - sysLocation
  - ciscoSerialNumber
  - softwareVersion
Enabled: Yes

Example: Multi-Vendor Basic Group

Section titled “Example: Multi-Vendor Basic Group”
Name: All-Devices-Basic-Info
Description: Universal polling using standard OIDs for all vendors
Connection Profile: Production-ReadOnly-V3
OIDs:
  - sysDescr
  - sysUpTime
  - sysName
  - sysLocation
  - sysContact
Enabled: Yes

Best Practices

Section titled “Best Practices”

Limit OID count: Keep groups to 10-20 OIDs maximum to avoid timeout issues

Group by vendor: Create separate groups for Cisco, Juniper, etc. to avoid querying incompatible OIDs

Use descriptive names: Clear naming like {Vendor}-{DeviceType}-{Purpose} aids management

Test before scaling: Create test group with single device before broad deployment

Step 6: Assign Devices to Polling Groups

Section titled “Step 6: Assign Devices to Polling Groups”

Individual Assignment

Section titled “Individual Assignment”
  1. Navigate to Devices → [Your Device]
  2. Click Edit
  3. Select polling group from SNMP Polling Group dropdown
  4. Click Save

Step 7: Execute SNMP Polling

Section titled “Step 7: Execute SNMP Polling”

Automatic Polling During Backups

Section titled “Automatic Polling During Backups”

SNMP polling happens automatically when devices with assigned polling groups are backed up. No additional configuration needed.

Manual Polling via CLI

Section titled “Manual Polling via CLI”

Poll specific device:

Terminal window
# Poll device by ID
php artisan rconfig:snmp-poll-device 1001


# Poll with verbose output
php artisan rconfig:snmp-poll-device 1001 -v


# Poll with debug information
php artisan rconfig:snmp-poll-device 1001 -d

Poll all devices:

Terminal window
php artisan rconfig:snmp-poll-device

Perform SNMP walk (discover available OIDs):

Terminal window
php artisan rconfig:snmp-poll-device 1001 --walk

SNMP walk retrieves all available OIDs from the device, useful for discovering vendor-specific OIDs.

Step 8: View SNMP Properties

Section titled “Step 8: View SNMP Properties”

Device Properties Page

Section titled “Device Properties Page”
  1. Navigate to Devices → [Your Device]
  2. SNMP-polled properties appear with values on the left side panel
SNMP Properties display showing polled device data Device Properties page displaying SNMP-polled data

Inventory Reports

Section titled “Inventory Reports”
  1. Navigate to Devices → Inventory Report
  2. Generate report
  3. Download CSV/Excel
  4. SNMP properties appear as columns

API Access

Section titled “API Access”
Terminal window
# Get device properties via API
curl -X GET https://rconfig.example.com/api/devices/1001/properties \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Accept: application/json"

Monitoring and Logging

Section titled “Monitoring and Logging”

View Polling Logs

Section titled “View Polling Logs”
  1. Navigate to Settings → Logs → Application Logs
  2. Filter by SNMP or device name
  3. Review polling success/failure messages
SNMP polling logs showing polling events SNMP polling event logs

File-Based Logging

Section titled “File-Based Logging”
Terminal window
# View recent SNMP log entries
tail -f /var/www/html/rconfig8/current/storage/logs/laravel.log | grep SNMP


# Search for errors
grep "ERROR.*SNMP" /var/www/html/rconfig8/current/storage/logs/laravel.log

Troubleshooting

Section titled “Troubleshooting”

PHP SNMP Extension Not Loaded

Section titled “PHP SNMP Extension Not Loaded”

Symptoms: “SNMP extension not loaded” errors

Resolution:

  1. Run installation script for your OS
  2. Restart web services: systemctl restart nginx php-fpm
  3. Verify: php -m | grep snmp

No Response from Device

Section titled “No Response from Device”

Symptoms: Polling times out, “No response from agent” errors

Diagnosis:

Terminal window
# Test connectivity
ping 192.168.1.1


# Test SNMP
snmpwalk -v2c -c YourCommunity 192.168.1.1 sysDescr

Possible causes:

  • Device unreachable or SNMP not enabled
  • Firewall blocking UDP 161
  • Incorrect community string/credentials
  • Device ACLs restricting access

Resolution:

  • Verify device IP and network connectivity
  • Check firewall rules
  • Confirm SNMP configuration on device
  • Verify credentials match exactly

Authentication Failure (SNMPv3)

Section titled “Authentication Failure (SNMPv3)”

Symptoms: “Authentication failure” or “USM authentication failure” errors

Resolution:

  1. Verify credentials match device configuration exactly (case-sensitive)
  2. Check security level matches (authPriv vs authNoPriv)
  3. Verify protocols match (SHA, AES match device)
  4. Test with command line using same credentials
  5. Check device SNMP user status and permissions

Timeout Errors

Section titled “Timeout Errors”

Symptoms: Some OIDs timeout or entire polling operation times out

Resolution:

  1. Increase timeout in connection profile (10-15 seconds)
  2. Increase retry count (5+ retries)
  3. Reduce OID count per polling group
  4. Check device CPU/memory load
  5. Test network latency: ping -c 10 192.168.1.1
  6. Avoid expensive OIDs (routing tables, large caches)

Regex Patterns Not Extracting Values

Section titled “Regex Patterns Not Extracting Values”

Symptoms: Extracted values empty, null, or contain full raw output

Diagnosis:

  1. Check raw SNMP output: snmpget -v2c -c Community 192.168.1.1 OID
  2. Test regex at regex101.com with PHP flavor
  3. Verify pattern matches actual output format

Common fixes:

# Missing capture group
Wrong: /Serial Number: [A-Z0-9]+/
Correct: /Serial Number: ([A-Z0-9]+)/


# Case sensitivity
Wrong: /Serial Number: ([A-Z0-9]+)/
Correct: /Serial Number: ([A-Z0-9]+)/i


# Escaped characters
Wrong: /Version (16.12.04)/
Correct: /Version \(([0-9.]+)\)/

Debug Mode

Section titled “Debug Mode”

Enable verbose output for detailed troubleshooting:

Terminal window
# Maximum verbosity
php artisan rconfig:snmp-poll-device 1001 -vvv


# Debug mode
php artisan rconfig:snmp-poll-device 1001 -d

Debug output shows connection details, each OID query/response, regex matching, and error traces.

Best Practices

Section titled “Best Practices”

Security

Section titled “Security”
  • Use SNMPv3 with authPriv whenever possible for encrypted authentication
  • Never use default community strings like “public” or “private”
  • Restrict SNMP to management VLANs to isolate traffic
  • Use read-only credentials - rConfig only needs read access
  • Implement device ACLs restricting SNMP to rConfig server IP only
  • Rotate credentials quarterly per security policy
  • Monitor logs for unauthorized access attempts

Performance

Section titled “Performance”
  • Limit OIDs per group to 10-20 maximum
  • Group by vendor to avoid querying incompatible OIDs
  • Avoid expensive OIDs like full routing tables or ARP caches
  • Enable SNMP caching on devices where supported
  • Schedule intensive polls during off-peak hours
  • Monitor system resources on rConfig server

Organization

Section titled “Organization”
  • Use descriptive names for profiles, OIDs, and groups
  • Document custom OIDs thoroughly in description fields
  • Test new OIDs on subset before broad deployment
  • Maintain external documentation of polling configurations
  • Version control regex patterns and document changes
Section titled “Related Documentation”

Quick Reference

Section titled “Quick Reference”

CLI Commands

Section titled “CLI Commands”
Terminal window
# Poll specific device
php artisan rconfig:snmp-poll-device {device_id}


# Poll all devices
php artisan rconfig:snmp-poll-device


# Poll with SNMP walk
php artisan rconfig:snmp-poll-device {device_id} --walk


# Enable debug output
php artisan rconfig:snmp-poll-device {device_id} -d

Default SNMP Ports

Section titled “Default SNMP Ports”
  • UDP 161: SNMP queries (polling)
  • UDP 162: SNMP traps (notifications)

Configuration Workflow

Section titled “Configuration Workflow”
  1. Install PHP SNMP extension
  2. Enable SNMP on devices
  3. Create Connection Profile (credentials)
  4. Define OIDs (what to poll)
  5. Create Polling Group (link devices + OIDs + profile)
  6. Assign devices to Polling Group
  7. Run backup or manual poll

Summary

Section titled “Summary”

SNMP Polling in rConfig V8 Pro automates network inventory management by collecting device properties during regular backup operations. Proper configuration of connection profiles, OID definitions, and polling groups ensures accurate, efficient data collection across multi-vendor environments.

Key Takeaways

Section titled “Key Takeaways”

Automated inventory: SNMP polling eliminates manual asset tracking by automatically collecting serial numbers, versions, and operational data during backups.

Security first: Use SNMPv3 with authPriv, unique credentials, and access restrictions for production environments.

Start simple, expand strategically: Begin with standard OIDs working across all vendors, then add vendor-specific OIDs for detailed inventory data.

Test thoroughly: Always verify SNMP works from command line before configuring in rConfig, and test new configurations on single devices before broad deployment.

Monitor and optimize: Review logs regularly, track polling success rates, and optimize OID counts and timeout settings based on operational experience.

With SNMP polling properly configured, rConfig provides comprehensive, current network inventory data that integrates seamlessly with configuration management workflows, supporting compliance, asset tracking, and operational efficiency.