SNMP

Monitoring relative printer page counts with PRTG

PRTG has many standard sensors, but one I was always missing is a daily page count compare. The standard printer sensor gives you a total page count – but this to some extend will always be a graph that only will go up. You can only estimate the total page counts in those graphs.

If you ever looked in to the IT Assets database project, you will see that in the Printers area there is a possibility to enable detailed graphs for relative page counts.

Why is this important you might wonder. The answer is simple, as an IT Manager you need to know if a certain kind of a printer makes sense at a certain location. If you have a low end printer for only casual print-outs but you have a total over e.g. 10,000 pages printed every month, you might need to reconsider the printer model. The reasons would likely be:

higher cost per page
- constant toner exchange of a compared more expensive toner cartridge
maintenance cost
- you might need to constantly maintenance the printer
- the cost for the maintenance kit are relatively high
downtime issues
- due to toner empty
- printer needs maintenance again
- less pages in paper tray

On the other hand, a printer might also be overkill for a certain area and not be cost efficient. Those conditions also might change over time of course. Further is there often the question – is a single area printer (copier) better or multiple smaller printers. This of course can go pretty far and you want to consider Lean processes, Six Sigma guidelines and others along with this data.

How ever, I started a first draft of a script that provides me at least the total page count relative to each day in PRTG. This sure is not as efficient yet as I do this in the IT Assets database printer module, where I collect data e.g. every 30 minutes in a huge table and then later calculate all the data in a daily range respective monthly range while collecting total page counts and possibly counts per copy vs. print outs and additionally color vs. black and white print. But at least it is a start.

Below you find the first draft of this script.

One thing to know – you will need to run the following command in order to install the PowerShell SNMP module on your PRTG probing server:

Install-Module -Name SNMP

1	Install-Module -Name SNMP

The current version of the PRTG script:

#For PRTG - default parameter list: 
#-deviceID %deviceid -targetHost '%host' -OID '1.3.6.1.2.1.43.10.2.1.4.1.1' 
#find a list with OID examples at the following link as they differ by vendor and partly model
#https://www.it-admins.com/it-assets-database/online-manual/printers/
param(
    [Parameter(
        Mandatory = $true
    )][int]$deviceID,

    [Parameter(
        Mandatory = $true
    )][string]$targetHost,

    [Parameter(
        Mandatory = $true
    )][string]$OID = "",

    [string]$Community = "public"
)

Import-Module -Name SNMP

[string]$ErrorText = "" #will hold error information to be returned to PRTG text field / sensor message
[int]$ErrorValue = 0 #default no errors initiated with 0 (0 = OK | 1 = Warning | 2 = Error)

[string]$LogFile = "$PSScriptRoot\PrinterLog_$deviceID.log"

[int]$result = -2 #standard response would be negative 2 as initialized integer value

try{
    $result = (Get-SNMPdata -IP $targetHost -OID $OID -Community $Community).Data
    #if no error occured, we have the current page count as a result
} catch {
    $result = -1 #if any error happened, we now have the result set to negative 1
    $ErrorText += "error: can't read SNMP OID value from device "
    $ErrorValue = 2
}

[int]$returnValue = 0 #default return value, integer, initialized with 0
[string]$LogFileContent = -1 #default logfilecontent is integer, intialized with negative 1
[string]$LogFileDate 
[int]$LogFileCount = -1

if ($result -gt 0) {
    #we seem to have a page count from SNMP

    if (Test-Path $LogFile -PathType Leaf){
        #we do have an exisiting LogFile
        try{
            $LogFileContent = Get-Content $LogFile -Raw
            if ($LogFileContent.Length -gt 0){
                $LogFileDate = $LogFileContent.Split("|")[0] 
                $LogFileCount = $LogFileContent.Split("|")[1]
            } else {
                #LogFile empty
                $LogFileCount = 0
                $ErrorText += "warning: initial run or no logfile yet "
                $ErrorValue = 1
            }
        } catch {
            $LogFileCount = -2 #negative 2 as error catch
        } finally {
            if ($LogFileCount -gt 0){
                #no error occured as for the LogFile reading
                if (($result - $LogFileCount) -gt -1){
                    #it should be either the same value or higher then the last logfile value
                    $returnValue = $result - $LogFileCount
                } else {
                    #LogFile value is higher then current count - this is weird
                    #still returning this - but it will show a negative count and should raise a flag
                    $returnValue = $result - $LogFileCount
                    $ErrorText += "error: logfile value higher then current printer read "
                    $ErrorValue = 2
                }
            } else {
                #there was some kind of error in the LogFile read - not an integer value or new Logfile started and result was 0
                $ErrorText += "error: can't read logfile for data compare "
                $ErrorValue = 2
            }
        }

    } else {
        #no LogFile yet - will need one but return value as difference initially will stay 0
        #we set the LogFileContent to 0 as this is the current status
        $LogFileCount = 0
        $ErrorText += "warning: initial run or no logfile yet or wrong data format "
        $ErrorValue = 1
    }

    #we need to write the positive SNMP OID result to the LogFile 
    #but only if the date differs more then 1x day

    [bool]$WriteLog = $false
    [string]$CurrentDate = (Get-Date -Format yyyy-MM-dd)

    if ($LogFileDate.Length -gt 0){
        try{
            if ((New-TimeSpan -Start $LogFileDate -End $CurrentDate).Days -gt 1){ 
                #date difference more then 1 day 
                $WriteLog = $true
            } else {
                #date difference not sufficient - same day? Future?
                if ((New-TimeSpan -Start $LogFileDate -End $CurrentDate).Days -lt 0){ 
                    #LogFile newer then current date? That's just wrong
                    $WriteLog = $true
                    $ErrorText += "warning: Logfile date above current date $LogFileDate - rewriting log"
                    $ErrorValue = 1
                } else {
                    #not greater then 1 day (0 and 1) or less must be equal as a result...
                    #nothing to do as WriteLog is initialized false
                }
            }
        } catch {
            #couldn't compare the date - let's write the Log to be save
            $WriteLog = $true
        }
    } else {
        #LogFileDate length 0 means we need to write a logfile as it might not exist
        $WriteLog = $true
    }

    if ($WriteLog){
        try {
            Set-Content -Path $LogFile -Value "$CurrentDate|$result"
            $LogFileDate = $CurrentDate
        } catch {
            #there was an issue writing to the LogFile
            $ErrorText += "error: can't write to logfile "
            $ErrorValue = 2
        }
    }

} else {
    #no pagecount available due to errors or issues
    #uncomment the next line for debugging only
    #$returnValue = $result
    #the returnValue will now show the current result value and point therefor to the error section
    $ErrorText += "error: no pagecount available "
    $ErrorValue = 2
}

#Assuming no errors - the text result will be the last LogFile date
if ($ErrorText.Length -eq 0){
    $ErrorText = "Last LogFile write date: $LogFileDate"
}

$XML = "<prtg>
            <result>
                <channel>last relative Page Count</channel>
                <value>$returnValue</value>
            </result>
            <result>
                <channel>last total from Printer</channel>
                <value>$result</value>
            </result>
            <result>
                <channel>last total from LogFile</channel>
                <value>$LogFileCount</value>
            </result>
            <result>
                <channel>Script Error Status</channel>
                <value>$ErrorValue</value>
                <LimitMode>1</LimitMode>
                <LimitMaxWarning>0</LimitMaxWarning>
                <LimitMaxError>1</LimitMaxError>
            </result>
            <text>$ErrorText</text>
        </prtg>"
 
Function WriteXmlToScreen ([xml]$XML) #just to make it clean XML code...
{
	$StringWriter = New-Object System.IO.StringWriter;
	$XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter;
	$XmlWriter.Formatting = "indented";
	$xml.WriteTo($XmlWriter);
	$XmlWriter.Flush();
	$StringWriter.Flush();
	Write-Output $StringWriter.ToString();
}
 
WriteXmlToScreen $XML;

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

#For PRTG - default parameter list:

#-deviceID %deviceid -targetHost '%host' -OID '1.3.6.1.2.1.43.10.2.1.4.1.1'

#find a list with OID examples at the following link as they differ by vendor and partly model

#https://www.it-admins.com/it-assets-database/online-manual/printers/

param(

[Parameter(

Mandatory = $true

)][int]$deviceID,

[Parameter(

Mandatory = $true

)][string]$targetHost,

[Parameter(

Mandatory = $true

)][string]$OID = "",

[string]$Community = "public"

)

Import-Module -Name SNMP

[string]$ErrorText = "" #will hold error information to be returned to PRTG text field / sensor message

[int]$ErrorValue = 0 #default no errors initiated with 0 (0 = OK | 1 = Warning | 2 = Error)

[string]$LogFile = "$PSScriptRoot\PrinterLog_$deviceID.log"

[int]$result = -2 #standard response would be negative 2 as initialized integer value

try{

$result = (Get-SNMPdata -IP $targetHost -OID $OID -Community $Community).Data

#if no error occured, we have the current page count as a result

} catch {

$result = -1 #if any error happened, we now have the result set to negative 1

$ErrorText += "error: can't read SNMP OID value from device "

$ErrorValue = 2

}

[int]$returnValue = 0 #default return value, integer, initialized with 0

[string]$LogFileContent = -1 #default logfilecontent is integer, intialized with negative 1

[string]$LogFileDate

[int]$LogFileCount = -1

if ($result -gt 0) {

#we seem to have a page count from SNMP

if (Test-Path $LogFile -PathType Leaf){

#we do have an exisiting LogFile

try{

$LogFileContent = Get-Content $LogFile -Raw

if ($LogFileContent.Length -gt 0){

$LogFileDate = $LogFileContent.Split("|")[0]

$LogFileCount = $LogFileContent.Split("|")[1]

} else {

#LogFile empty

$LogFileCount = 0

$ErrorText += "warning: initial run or no logfile yet "

$ErrorValue = 1

}

} catch {

$LogFileCount = -2 #negative 2 as error catch

} finally {

if ($LogFileCount -gt 0){

#no error occured as for the LogFile reading

if (($result - $LogFileCount) -gt -1){

#it should be either the same value or higher then the last logfile value

$returnValue = $result - $LogFileCount

} else {

#LogFile value is higher then current count - this is weird

#still returning this - but it will show a negative count and should raise a flag

$returnValue = $result - $LogFileCount

$ErrorText += "error: logfile value higher then current printer read "

$ErrorValue = 2

}

} else {

#there was some kind of error in the LogFile read - not an integer value or new Logfile started and result was 0

$ErrorText += "error: can't read logfile for data compare "

$ErrorValue = 2

}

} else {

#no LogFile yet - will need one but return value as difference initially will stay 0

#we set the LogFileContent to 0 as this is the current status

$LogFileCount = 0

$ErrorText += "warning: initial run or no logfile yet or wrong data format "

$ErrorValue = 1

}

#we need to write the positive SNMP OID result to the LogFile

#but only if the date differs more then 1x day

[bool]$WriteLog = $false

[string]$CurrentDate = (Get-Date -Format yyyy-MM-dd)

if ($LogFileDate.Length -gt 0){

try{

if ((New-TimeSpan -Start $LogFileDate -End $CurrentDate).Days -gt 1){

#date difference more then 1 day

$WriteLog = $true

} else {

#date difference not sufficient - same day? Future?

if ((New-TimeSpan -Start $LogFileDate -End $CurrentDate).Days -lt 0){

#LogFile newer then current date? That's just wrong

$WriteLog = $true

$ErrorText += "warning: Logfile date above current date $LogFileDate - rewriting log"

$ErrorValue = 1

} else {

#not greater then 1 day (0 and 1) or less must be equal as a result...

#nothing to do as WriteLog is initialized false

}

} catch {

#couldn't compare the date - let's write the Log to be save

$WriteLog = $true

}

} else {

#LogFileDate length 0 means we need to write a logfile as it might not exist

$WriteLog = $true

}

if ($WriteLog){

try {

Set-Content -Path $LogFile -Value "$CurrentDate|$result"

$LogFileDate = $CurrentDate

} catch {

#there was an issue writing to the LogFile

$ErrorText += "error: can't write to logfile "

$ErrorValue = 2

}

} else {

#no pagecount available due to errors or issues

#uncomment the next line for debugging only

#$returnValue = $result

#the returnValue will now show the current result value and point therefor to the error section

$ErrorText += "error: no pagecount available "

$ErrorValue = 2

}

#Assuming no errors - the text result will be the last LogFile date

if ($ErrorText.Length -eq 0){

$ErrorText = "Last LogFile write date: $LogFileDate"

}

$XML = "<prtg>

<channel>last relative Page Count</channel>

<value>$returnValue</value>

</result>

<channel>last total from Printer</channel>

<value>$result</value>

</result>

<channel>last total from LogFile</channel>

<value>$LogFileCount</value>

</result>

<channel>Script Error Status</channel>

<value>$ErrorValue</value>

</result>

<text>$ErrorText</text>

</prtg>"

Function WriteXmlToScreen ([xml]$XML) #just to make it clean XML code...

{

$StringWriter = New-Object System.IO.StringWriter;

$XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter;

$XmlWriter.Formatting = "indented";

$xml.WriteTo($XmlWriter);

$XmlWriter.Flush();

$StringWriter.Flush();

Write-Output $StringWriter.ToString();

}

WriteXmlToScreen $XML;

PRTG and Cisco ASA VPN monitoring

The default PRTG sensor for VPN connections on a Cisco ASA has a limited of 50 users connected, actually less. This is due to the limit of 50 channels per sensor.

These days IT departments everywhere likely exceed 50 VPN users everywhere.

Since I do not need to know who is connected, rather then the amount and load on the FW, I came up with a simple sensor and MAP in PRTG to show me the essentials.

Add a snmp custom sensor to your FW in PRTG and use the OID

1.3.6.1.4.1.9.9.392.1.3.1.0

This will give you a number of VPN connection. I am not 100% certain about the OID only being used for Cisco AnyConnect or other VPNs as well. I found it as a valid SNMP OID as I only use Cisco AnyConnect and my VPN tunnels aligned with this number.

Further did I add sensors for CPU / RAM and on the external interface of the FW to the map in PRTG to see the overall status and load.

Detailed information on the bandwidth are a different story, since this is more a passive point in time configuration, I don’t pull that in this map – I care about an average load picture not single pikes that only are temporarily. For this I have different approaches and sources. Mentioning this only for the big picture and cause you need to be aware of that.

Hope some find this helpful.

If you want the users that are online and offline – what is actually a big of a questionable thing due to data privacy concerns and a user not always needing to be on VPN in order to do work – you could create scrips to access more detailed SNMP data and balance this in various sensors. This is possible, but I do not recommend it. Another approach would be using the TEXT value in XML sensors and put the info there. Still, I think you might get to much data and need to ask yourself if this is even something you should collect/monitor.

Here a picture of my map as we barely started getting more home office people online.

PRTG Cisco ASA VPN users

Backlink to the Paessler PRTG KB, where this was discussed as well: https://kb.paessler.com/en/topic/64053-my-snmp-cisco-asa-vpn-users-sensor-shows-a-user-limit-error-why-what-can-i-do

March 19, 2020 by Florian Rossmark monitoring prtg security solutions

APC InRow A/C error monitoring with PRTG

It is rather hard to get valuable alarm monitoring from an APC InRow air conditioning unit. The APC A/C’s are a real pain when it comes to this, it might even be that this same principle applies to APC UPS units, but I did not have yet time to test this out.

What I really wanted is a way to monitor alerts that the unit reports. Doing so seemed to be fine with a simple SNMP sensor in PRTG but the real challenge was getting the alert text. Now, there are SNMP channels but they are only available when an alert is ongoing, meaning when there is no alert status the whole OID fails.

To compensate this, I ended up writing a simple PowerShell script that interprets the SNMP OID results, even ignores a certain failure cause I didn’t care about it, and reports back the results as a total error count (set the channel to ErrorLimit = 0 in PRTG) and if there are Errors it will write them to the text.

This is an Advanced EXE script that needs to reside in the following path:

C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\EXEXML

1	C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\EXEXML

It expects the parameters for community and IP-Address

public %host

1	public %host

The results of the script will always hold the top 4 error messages, but it will exclude the phrase “No Backup Units Available Alarm” from the error count – cause in certain setups like hours there are multiple units but they are not necessarily clustered – this is not a full alarm rather then a warning in my case. Feel free to adjust this in the script if you want to raise the error. You could simply remove / remark the following line:

$TotalErrors.Data = $TotalErrors.Data - $SubstractError

1	$TotalErrors.Data = $TotalErrors.Data - $SubstractError

Here a picture of a real world alarm respective issue with the APC InRow A/C in PRTG generated by the script

Param(
    $Community,
    $IP
)

$TotalErrors = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.1.0
$Error1 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.1
$Error2 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.2
$Error3 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.3
$Error4 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.4

$SubstractError = 0

if ($Error1.Data.length -gt 0) {
    if ($Error1.Data -ne "NoSuchInstance") {
        if ($Error1.Data -eq "No Backup Units Available Alarm") {    
            $SubstractError += 1
        }
        $ErrorText = $Error1.Data
    }
}
if ($Error2.Data.length -gt 0) {
    if ($Error2.Data -ne "NoSuchInstance") {
        if ($Error2.Data -eq "No Backup Units Available Alarm") {    
            $SubstractError += 1
        }
        $ErrorText += " - " + $Error2.Data
    }
}
if ($Error3.Data.length -gt 0) {
    if ($Error3.Data -ne "NoSuchInstance") {
        if ($Error3.Data -eq "No Backup Units Available Alarm") {    
            $SubstractError += 1
        }
        $ErrorText += " - " + $Error3.Data
    }
}
if ($Error4.Data.length -gt 0) {
    if ($Error4.Data -ne "NoSuchInstance") {
        if ($Error4.Data -eq "No Backup Units Available Alarm") {    
            $SubstractError += 1
        }
        $ErrorText += " - " + $Error4.Data
    }
}

$TotalErrors.Data = $TotalErrors.Data - $SubstractError

$XML =  "<prtg>"
$XML += "<result><channel>Total Errors</channel><value>" + $TotalErrors.Data + "</value><unit>Count</unit></result>"
$XML += "<text>$ErrorText</text>"
$XML += "</prtg>"

Function WriteXmlToScreen ([xml]$xml)
{
    $StringWriter = New-Object System.IO.StringWriter;
    $XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter;
    $XmlWriter.Formatting = "indented";
    $xml.WriteTo($XmlWriter);
    $XmlWriter.Flush();
    $StringWriter.Flush();
    Write-Output $StringWriter.ToString();
}

WriteXmlToScreen $XML

Param(

$Community,

$IP

)

$TotalErrors = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.1.0

$Error1 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.1

$Error2 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.2

$Error3 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.3

$Error4 = Get-SnmpData -IP $IP -Community $Community -OID 1.3.6.1.4.1.318.1.1.13.4.3.2.1.3.4

$SubstractError = 0

if ($Error1.Data.length -gt 0) {

if ($Error1.Data -ne "NoSuchInstance") {

if ($Error1.Data -eq "No Backup Units Available Alarm") {

$SubstractError += 1

}

$ErrorText = $Error1.Data

}

if ($Error2.Data.length -gt 0) {

if ($Error2.Data -ne "NoSuchInstance") {

if ($Error2.Data -eq "No Backup Units Available Alarm") {

$SubstractError += 1

}

$ErrorText += " - " + $Error2.Data

}

if ($Error3.Data.length -gt 0) {

if ($Error3.Data -ne "NoSuchInstance") {

if ($Error3.Data -eq "No Backup Units Available Alarm") {

$SubstractError += 1

}

$ErrorText += " - " + $Error3.Data

}

if ($Error4.Data.length -gt 0) {

if ($Error4.Data -ne "NoSuchInstance") {

if ($Error4.Data -eq "No Backup Units Available Alarm") {

$SubstractError += 1

}

$ErrorText += " - " + $Error4.Data

}

$TotalErrors.Data = $TotalErrors.Data - $SubstractError

$XML = "<prtg>"

$XML += "<result><channel>Total Errors</channel><value>" + $TotalErrors.Data + "</value><unit>Count</unit></result>"

$XML += "<text>$ErrorText</text>"

$XML += "</prtg>"

Function WriteXmlToScreen ([xml]$xml)

{

$StringWriter = New-Object System.IO.StringWriter;

$XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter;

$XmlWriter.Formatting = "indented";

$xml.WriteTo($XmlWriter);

$XmlWriter.Flush();

$StringWriter.Flush();

Write-Output $StringWriter.ToString();

}

WriteXmlToScreen $XML

July 19, 2019 by Florian Rossmark monitoring prtg scripts

SNMP was deprecated

Microsoft deprecated the SNMP in Windows 2012 (R2). As of Windows 10 1809 respective Windows 2016 this feature is pretty much hidden. The decision likely was made due to security risks related to SNMP, in any case – as of right now it is still available if you really need it – but not via the good old Control Panel – Add Remove Features function. The following should even work on Windows 2019, since there is no indication that Microsoft finally removed the feature itself.

The following link is for Windows Server 2012 (R2) – it clearly states that SNMP is deprecated: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831568(v=ws.11)

Windows client and server operating systems share the same kernel in the background – for the most part.

Alternate ways to enable the feature:

using Apps & Features will help you getting SNMP via Optional Features
- then use Add a feature
PowerShell commands:
- Either those commands
  PowerShell
  Get-WindowsCapability -Online -Name "SNMP*" Add-WindowsCapability -Online -Name "SNMP.Client~~~~0.0.1.0"
  1
  2
  Get-WindowsCapability -Online -Name "SNMP*"
  Add-WindowsCapability -Online -Name "SNMP.Client~~~~0.0.1.0"
- or the following version of commands
  PowerShell
  Get-WindowsCapability -Online | ? Name -like 'SNMP.Client*' Add-WindowsCapability -Online | ? Name -like 'SNMP.Client*'
  1
  2
  Get-WindowsCapability -Online | ? Name -like 'SNMP.Client*'
  Add-WindowsCapability -Online | ? Name -like 'SNMP.Client*'
or you use DISM on a command prompt
MS DOS
DISM /online /add-capability /capabilityname:SNMP.Client~~~~0.0.1.0
1
DISM /online /add-capability /capabilityname:SNMP.Client~~~~0.0.1.0

In all cases – you will run in to an possible issue if you use WSUS – you might need to temporarily bypass it in order to install this feature. It is possible that you need to restart the Windows Update service on the system for this setting to take effect.

Open Regedit and adjust the following key
Microsoft Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU key: UseWUServer new / temp value: 0
1
2
3
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
key: UseWUServer
new / temp value: 0

It is pretty obvious that this feature will be removed at one point – but as of now it is still available.

Let’s talk about a few things in regards to SNMP on Windows – or even in general when it comes to all your switches, firewalls, routers and other network components.

using SNMP on a Windows OS is a potential security risk – actually – SNMP itself is in general, cause it is standardized in often not locked down while having as well just limited security features
- see here for a more official statement on this by the US government: https://www.us-cert.gov/ncas/alerts/TA17-156A
I personally don’t see a reason to use SNMP to monitor a Windows Server – the system itself can easily be monitored by WMI and other methods – that might have pro’s and con’s – but it generally works
There are circumstances then you need SNMP enabled – I had this while coming across mostly UPS software that only allowed to interact with it via SNMP – the UPS itself was connected per USB and the software on a Windows server/client allowed no API calls or similar – you had to enable SNMP on Windows and then use SNMP through Windows to grab data for e.g. UPS monitoring
- having said this – this is actually a flaw by the vendor in such a case and should by addressed with the vendor
- there is possibly more then just an UPS software that does behave like this

December 27, 2018 by Florian Rossmark server solutions windows

SNMP

Monitoring relative printer page counts with PRTG

PRTG and Cisco ASA VPN monitoring

APC InRow A/C error monitoring with PRTG

SNMP was deprecated

Recent blog posts

Blog Archives

SNMP

Recent blog posts

Blog Archives

Tags