I recently came across snmpwalk, and I thought it would be interesting to look through some traffic on my home network. I'm sure there are GUIs out there to do this, but I wanted something minimal. SNMP::Monitor is a Perl package for monitoring remote hosts via SNMP, but I haven't dived into it just yet, so I'm saving it for later.
I want to see if I can get anything out of this by generalizing the model of the SNMP data as much as possible, ideally parsing and mapping it to some model of communicating agents. Visualizations would be nice.
A brief dive into the immediately searchable literature on SNMP trace analysis yielded somewhat dated results, so it is worth spending a bit of time thinking about.
Using an LLM to generate a decent amount of dummy traffic shouldn't be a problem, but I will need to do some testing to determine whether it's close to anything seen in the wild.
Maybe I will use it, maybe I won't, but I ended up pulling together a quick script to capture my local traffic.
#!/usr/bin/perl
use strict;
use warnings;

# Run snmpwalk against 192.168.1.1 and capture everything it prints to stdout.
my $command_output = `snmpwalk -csv -v1 -c public 192.168.1.1`;

# Inspect $? to tell apart a failed launch, death by signal, and a non-zero exit.
if ($? == -1) {
    die "Failed to execute command: $!\n";
} elsif ($? & 127) {
    die sprintf("Command died with signal %d, %s coredump\n", ($? & 127), ($? & 128) ? 'with' : 'without');
} else {
    my $exit_code = $? >> 8;
    if ($exit_code != 0) {
        die "Command failed with exit code $exit_code\n";
    }
}

# Save the captured output to disk unchanged.
open(my $fh, '>', 'snmpwalk_output.csv') or die "Could not open file 'snmpwalk_output.csv' $!";
print $fh $command_output;
close $fh;

print "snmpwalk output has been saved to 'snmpwalk_output.csv'\n";
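The capture script stores snmpwalk's text output unchanged. As an added example (not part of the original post), the script below turns such output into real CSV rows, assuming net-snmp's default `OID = TYPE: value` line format; the function names and the sample lines are constructed for illustration.

```perl
use strict;
use warnings;

# Split "OID = TYPE: value" into [oid, type, value]; returns nothing if no match.
sub parse_snmpwalk_line {
    my ($line) = @_;
    $line =~ s/[\r\n]+\z//;
    # "TYPE: " is optional: assumed untyped forms are  OID = ""  and  OID = No Such ...
    return unless $line =~ /^(\S+) = (?:([A-Za-z][A-Za-z0-9 -]*?): )?(.*)$/;
    return [ $1, $2 // '', $3 ];
}

# Quote a field per RFC 4180: wrap in double quotes, double embedded quotes.
sub csv_field {
    my ($s) = @_;
    $s =~ s/"/""/g;
    return qq{"$s"};
}

# Convert raw snmpwalk text into CSV text with a header row.
sub snmpwalk_to_csv {
    my ($raw) = @_;
    my @records;
    for my $line (split /\n/, $raw) {
        if (my $rec = parse_snmpwalk_line($line)) {
            push @records, $rec;
        } elsif (@records && $line =~ /\S/) {
            # Continuation line: fold it into the previous record's value.
            $line =~ s/^\s+|\s+$//g;
            $records[-1][2] .= " $line";
        }
    }
    my $csv = '';
    for my $row ([qw(oid type value)], @records) {
        $csv .= join(',', map { csv_field($_) } @$row) . "\n";
    }
    return $csv;
}

# Constructed sample lines (hypothetical values, not a real capture).
my $sample = <<'END';
SNMPv2-MIB::sysDescr.0 = STRING: "Example Router, fw 1.0"
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (123456) 0:20:34.56
SNMPv2-MIB::sysContact.0 = ""
SNMPv2-SMI::enterprises.99999.1.0 = Hex-STRING: 00 11 22 33 44 55 66 77
88 99 AA BB
IF-MIB::ifOperStatus.2 = INTEGER: up(1)
END
print snmpwalk_to_csv($sample);
```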
OK, so let's take a look at the data in snmpwalk_output.csv.
...