SNMP vs WMI: the advantage of less resource consuming monitor types

SNMP vs WMI: the advantage of less resource consuming monitor types

Are you using one of notable ways to reduce load on your servers?

Scales

WMI (Windows Management Instrumentation) is an actual standard to access and/or control Windows components, services and applications. With its query language (resembling the SQL used by many relational databases), WMI allows collecting information from multiple sources, so-called providers. However, this comes at a cost: running WMI query is a resource- and time-consuming operation (comparing to certain alternatives).

What’s worse, to interact with WMI-enabled host, one needs to configure remote WMI access properly.

To run WMI queries, in most cases administrator’s privileges are required. There are cases when no partially elevated user account can be actually used for WMI query. That means, in turn, a possible security issue.

There’s, however, simpler and more efficient alternative: SNMP.

SNMP under Windows

To begin using SNMP under Windows, corresponding service should be installed first. This is a straightforward process taking a few minutes.

By default, there are no communities defined for Windows SNMP service (that means, no access by default) and the only host allowing connection is the loopback interface (“localhost”), i.e. the same system. That can be configured either from corresponding SNMP Windows Service settings, or by means of PowerShell script. Similarly, SNMP Traps can also be configured.

By default, standard SNMP service under Windows provides basic information on performance counters for CPU (how much CPU time has been used by certain process), RAM (memory usage per process), processes list and network-related information.

When necessary, SNMP can be programmatically extended (e.g., with #SNMP library), allowing any user-defined variables and controls.

SNMP under other OSes

Net-SNMP library is typical default SNMP implementation of both clients and servers for other OS types (including Linux distributions, BSD-like systems, macOS and others). By default, Net-SNMP includes limited read-only access to certain general system information.

Unlike in Windows implementation, extending Net-SNMP is simpler. To populate certain OID trees (SNMP variables), a command producing them should be mentioned in configuration file (which allows on-the-fly modification when necessary)

General SNMP advantages over WMI

SNMP authentication requires fewer steps and is added as simply as removed. Setting up remote WMI access can be a challenge.

SNMP probes in general require less resources and take less time than WMI queries.

Extending SNMP to add required OIDs can be similarly simple (or simpler) than extending WMI.

Conclusion

Although SNMP cannot completely replace WMI (there can be WMI providers that do not have SNMP counterparts; there are queries that manage Windows resources or actions not controlled by SNMP), for monitoring (read-only) purposes it can be used in many cases.

When SNMP replacement is available, one should consider using it, other conditions equal.

If you need assistance with setting up a SNMP monitor for a case mentioned above, feel free to contact us and/or post to a comment form below.