See runZero in action

Contact us to book a demo with our team.

Collecting Device Serial Numbers and Asset Tags over SNMP

(updated ), by Chris Kirsch

A few weeks ago, one of our customers asked us if we could pull serial numbers out of Cisco devices because this would be very useful for their MSSP business. We were able to update the scan engine quick and this feature is now included as of release 1.15.3. Pulling serial numbers remotely can be very useful to for support questions and to see if a device’s warranty has expired and it should be replaced. You must have SNMP credentials (or the v2 community “public”) configured for your scans for this query to work.

If taking old equipment off the network is your use case, Rumble can also show the device age based on the MAC address manufacturing date.

Finding Device Serial Numbers in Rumble #

In your Rumble Console, go to Inventory in the left navigation and enter:

protocol:snmp has:snmp.serialNumbers

Finding device serial numbers in Rumble

Clicking on a host in this list and scrolling down to the SNMP section, we see the serial number for this Netgear device:

Finding device serial numbers in Rumble

Clicking on the left-side search icon will produce a report of all serial numbers found across the organization:

Finding device serial numbers in Rumble

Finding Asset Tags #

A similar feature enables you to find the asset tags of Dell iDRAC systems, which are stored in the snmp.sysName property. A good query to use to find these is:

protocol:snmp has:"snmp.sysName"

Finding device serial numbers in Rumble

You can also filter for specific asset tags. A good query to find Dell iDRAC Asset Tags is:

protocol:snmp snmp.sysName:"drac-"

Finding device serial numbers in Rumble

Clicking on the left-side search icon will produce a report of all SNMP system names across the organization, including the Dell iDRAC asset tags. These asset tags can be queried online from the Dell website to obtain the full specification of the hardware.

Finding device serial numbers in Rumble

Exporting Cisco serials in Smart Net Total Care (SNTC) format #

For Rumble Enterprise users who need to manage Cisco device warranties or support warranty contracts, there is a new export format available that makes sharing data between Rumble and the Smart Net Total Care (SNTC) portal a lot easier. The Rumble Cisco SNTC CSV export is formatted specifically so you can export your data and directly import it into your SNTC portal.

In your Rumble Console, go to your inventory and filter only for Cisco devices (os:cisco). From the Export menu, you can see options to export all assets or queried asset results.

From the Export menu, choose Cisco SNTC CSV, located under Export Search Results.

Exporting Cisco serial numbers in Rumble

This will only export the results from the os:cisco query. The export includes the host name, IP address, serial number, product ID, MAC address, system location, software type, and software version.

If you are not seeing any results, make sure that a valid SNMP v2 or v3 credential was provided as part of the discovery scan.

Try Rumble to Manage Your Network #

If you haven’t had a chance to try runZero, or would like to find serial numbers & asset tags on your internal network, sign up for a free trial and let us know what you think!

Chris Kirsch
Written by Chris Kirsch

Chris Kirsch is a co-founder and board member of runZero. Chris started his career at an InfoSec startup in Germany and has since worked for PGP, nCipher, Rapid7, and Veracode. He has a passion for OSINT and Social Engineering. In 2017, he earned the Black Badge for winning the Social Engineering Capture the Flag competition at DEF CON, the world’s largest hacker conference.

Similar Content

October 16, 2023

Finding Cisco IOS-XE devices with runZero

An actively exploited critical zero-day vulnerability has surfaced in the Cisco IOS-XE operating system, which is used on Cisco routers, switches, and other devices. Deemed “critical” in severity with a CVSS score of 10 out of 10, this vulnerability affects any device …

Read More

December 9, 2022

Finding Cisco 7800 and 8800 series IP phone assets on your network

Cisco 7800 and 8800 IP phones can be found in many companies and organizations. Successful exploitation of this vulnerability can provide an unauthenticated attacker in the same network segment or VLAN with remote code execution or denial-of-service capabilities.

October 25, 2021

Finding Cisco devices running IOS XE

Cisco recently disclosed a command execution vulnerability that affects some versions of IOS XE SD-WAN software running on Cisco routing devices and virtual instances. With a CVSSv3 score of 7.8, this vulnerability (assigned CVE-2021-1529) is due to inadequate input …

Read More

Subscribe and stay in the loop!

We won't share your email.

Unsubscribe at any time.