Re: Generic Cisco Device Extension - Required OIDs

islam_zidan · ‎19 Dec 2023

Hello,

I went through some deployments that the customer is allowing SNMP access to device interfaces and bandwidth only, so here is a list of additional required OIDs to be allowed to get the full extension visibility.

Metric Name	OID
tcpActiveOpens	.1.3.6.1.2.1.6.5
tcpPassiveOpens	.1.3.6.1.2.1.6.6
tcpAttemptFails	.1.3.6.1.2.1.6.7
tcpEstabResets	.1.3.6.1.2.1.6.8
tcpCurrEstab	.1.3.6.1.2.1.6.9
tcpHCInSegs	.1.3.6.1.2.1.6.17
tcpHCOutSegs	.1.3.6.1.2.1.6.18
tcpRetransSegs	.1.3.6.1.2.1.6.12
tcpInErrs	.1.3.6.1.2.1.6.14
tcpOutRsts	.1.3.6.1.2.1.6.15
udpHCInDatagrams	.1.3.6.1.2.1.7.8
udpNoPorts	.1.3.6.1.2.1.7.2
udpInErrors	.1.3.6.1.2.1.7.3
udpHCOutDatagrams	.1.3.6.1.2.1.7.9
cpmCPUTotal5minRev	.1.3.6.1.4.1.9.9.109.1.1.1.1.8
cpmCPULoadAvg5min	.1.3.6.1.4.1.9.9.109.1.1.1.1.25
cpmCPUMemoryHCUsed	.1.3.6.1.4.1.9.9.109.1.1.1.1.17
cpmCPUMemoryHCFree	.1.3.6.1.4.1.9.9.109.1.1.1.1.19
ciscoEnvMonFanState	.1.3.6.1.4.1.9.9.13.1.4.1.3
ciscoEnvMonTemperatureStatusValue	.1.3.6.1.4.1.9.9.13.1.3.1.3
ifInErrors	.1.3.6.1.2.1.2.2.1.14
ifInDiscards	.1.3.6.1.2.1.2.2.1.13
iifOutErrors	.1.3.6.1.2.1.2.2.1.20
ifOutDiscards	.1.3.6.1.2.1.2.2.1.19
snmpInPkts	.1.3.6.1.2.1.11.1
snmpSilentDrops	.1.3.6.1.2.1.11.31
snmpInBadVersions	.1.3.6.1.2.1.11.3
snmpInBadCommunityNames	.1.3.6.1.2.1.11.4
snmpInBadCommunityUses	.1.3.6.1.2.1.11.5
snmpInNoSuchNames	.1.3.6.1.2.1.11.9
snmpInBadValues	.1.3.6.1.2.1.11.10

Thanks,

Islam

Dynatrace Certified Professional - Dynatrace Partner - Yourcompass.ca

JohanZuleta · ‎08 Feb 2024

Good morning Islam_zidan,

Thank you for the information provided in the extension documentation; this type of information is missing.

Please check if you want to see topics related to Cisco vulnerability data, firmware versions, and patches. I have this information, but I am not sure if it can be applied to the Generic Cisco Device extension.

Device model:

Cisco Security Advisory OID:

OID: .1.3.6.1.4.1.9.9.230.1.1.2.1.1 Description: This OID can be used to obtain information about security advisories published by Cisco. However, please note that this OID may require access to the Cisco vulnerability database and may not provide detailed information about specific vulnerabilities present on a particular device. OID for patch status:

OID: .1.3.6.1.4.1.9.9.305.1.1.2 Description: This OID can provide information about the status of security patches applied on a Cisco device. It may indicate whether the device is up to date with the latest available security patches. OID for security audit:

OID: .1.3.6.1.4.1.9.9.430.1.1.1.0 Description: This OID can provide information about the result of security audits on a Cisco device. It may indicate whether vulnerabilities or insecure security configurations have been detected on the device.

Device firmware (IOS) version:

OID: .1.3.6.1.2.1.16.19.2.0 Description: This OID returns the firmware (IOS) version of the Cisco device. Device serial number:

OID: .1.3.6.1.2.1.47.1.1.1.1.11.1 Description: This OID returns the serial number of the Cisco device. Device model:

OID: .1.3.6.1.2.1.47.1.1.1.1.13.1 Description: This OID returns the model of the Cisco device.

Mohamed_Hamdy · ‎10 Feb 2024

Hi @JohanZuleta ,

I think you can try to add them to the extensions and test the extension as you will find all the OIDs for the extension available in extension.yaml file, you can download the extension from Dynatrace hub and you will find all available OIDs and metadata in extension.yaml

Certified Dynatrace Professional | Certified Dynatrace Services Delivery - Observability & CloudOps | Dynatrace Partner - yourcompass.ca