Scan Your Network Like a Nerd | SNMP Device Discovery with Bash & Nmap
Easily Track Network Devices Using a Bash & Nmap Script with SNMP
Driving SD-WAN Adoption in South Africa
If you’ve ever managed a network with multiple devices—from Raspberry Pis to switches and routers—you know how messy it can get keeping track of IPs, MAC addresses, system info, and uptime. Today, I’ll show you a simple Bash + Nmap script that scans your network using SNMP, formats the results neatly in the terminal, and makes device inventory management surprisingly painless.
Why This Script is Cool
✅ Automatic discovery: Checks all devices on your IP list and only scans those with SNMP enabled.
✅ Detailed info: Retrieves IP, MAC, vendor, OS description, and uptime.
✅ Clean output: Prints a neatly aligned table for quick scanning in the terminal.
✅ Human-friendly: Truncates long descriptions and cleans up uptime for readability.
✅ Customizable: You can highlight unknown devices or flag long uptimes for maintenance.
This is especially handy in mixed environments—think Raspberry Pis running various Linux versions, network switches, or IoT devices—where you need a quick overview without manually logging into each device.
The Script
#!/bin/bash
# Define your IPs to scan
ips=("192.168.88.1" "192.168.88.23" "192.168.88.76" "192.168.88.179")
COMMUNITIES="public" # SNMP community string
# Print header once
printf "%-15s %-17s %-20s %-30s %-12s\n" "IP" "MAC" "Vendor" "Description" "Uptime"
printf "%-15s %-17s %-20s %-30s %-12s\n" "---------------" "-----------------" "--------------------" "------------------------------" "------------"
for ip in "${ips[@]}"; do
# Only scan if UDP 161 is exactly 'open'
if ! nmap -Pn -n -sU -p 161 "$ip" | awk '/161\/udp/ {if($2=="open") exit 0; else exit 1}'; then
continue
fi
nmap -sU -p 161 \
--script=snmp-info,snmp-sysdescr \
--script-args "snmpcommunity=${COMMUNITIES}" \
-Pn -n "$ip" | awk '
BEGIN { descr=""; uptime=""; mac=""; vendor=""; host="" }
/^Nmap scan report for / {
host=$NF; descr=""; uptime=""; mac=""; vendor=""; next
}
/^MAC Address:/ {
mac = $3
match($0, /\((.*)\)/, a)
vendor = (a[1]?a[1]:"")
next
}
/^\| snmp-sysdescr:/ {
line=substr($0,index($0,$3))
descr=line
if(length(descr) > 30) descr=substr(descr,1,30)
next
}
/^\|_/ && /System uptime:/ {
line=substr($0,index($0,$4))
sub(/\([0-9]+ timeticks\)/,"",line)
uptime=line
next
}
END {
if(host)
printf "%-15s %-17s %-20s %-30s %-12s\n", host, mac, vendor, descr, uptime
}'
done
Sample Output
IP MAC Vendor Description Uptime
--------------- ----------------- -------------------- ------------------------------ ------------
192.168.88.31 80:AF:CA:A8:E4:7F Unknown Linux FusionNOC 6.12.47+rpt-rp 1h51m59.53s
192.168.88.179 DC:A6:32:14:FE:4E Raspberry Pi Trading Linux 34DiasMedia 6.12.47+rpt- 9h02m16.08s
192.168.88.76 80:AF:CA:A8:E4:7F Unknown Linux FusionNOC 6.12.47+rpt-rp 1h52m15.50s
192.168.88.23 DC:A6:32:14:FE:4E Raspberry Pi Trading Linux 34DiasMedia 6.12.47+rpt- 9h02m27.73s
How It Works
Pre-check SNMP – Only devices with UDP 161 open are scanned.
Retrieve info with Nmap scripts – Uses
snmp-infoandsnmp-sysdescrto gather MAC, vendor, OS, and uptime.Format with awk – Cleans up the description, removes timeticks from uptime, truncates long fields, and prints a nicely aligned table.
Single header – Header is printed only once for readability.
Why You’ll Love It
Time-saving: Instantly see the state of multiple devices without logging into each one.
Readable: No more messy CSVs in the terminal.
Customizable: You can tweak truncation lengths, add colors for unknown vendors, or filter devices by uptime.
If you manage small to medium networks—or even a lab full of Raspberry Pis—this script is a lifesaver. It’s minimal, fast, and leverages tools you already have (nmap and awk).
Ronald Bartels | LinkedIn | Instagram
