This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to filter SNMP packets by oid?

0

Has this possibility been removed? I think in previous versions it was possible to do the following filter: "snmp.ObjectName == ..." However, this is not supported. Also snmp.value.oid does not support the == operator. What is wrong here?

asked 12 Jul '12, 05:28

gubbanoa's gravatar image

gubbanoa
6113
accept rate: 0%

One Answer:

1

snmp.ObjectName may have changed. I can find snmp.name in Wireshark 1.8.0.

Both (snmp.name and snmp.value.oid) do work on my system (Win7_64) with Wireshark 1.8.0. I can apply filters (== and contains). I do get the expected result.

Can you please add more details (your wireshark version, system, error messages).

Regards
Kurt

answered 12 Jul '12, 07:50

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 12 Jul '12, 07:51

Hi Kurt! For instance "snmp.name == 1.3.6.1.2.1.1.2.0" does the trick, thanks. However, snmp.value.oid does not return any results. Yes my system configuration is the exact same as yours. Have a nice summer!

(13 Jul '12, 00:51) gubbanoa