Difference between revisions of "SNMP client"
(3 intermediate revisions by the same user not shown) | |||
Line 97: | Line 97: | ||
####### SysInformation | ####### SysInformation | ||
sysLocation Goteborg | sysLocation Goteborg | ||
− | sysContact guillaume@qin-diaz.com | + | sysContact Guillaume <guillaume@qin-diaz.com> |
# Application + End-to-End layers (default) | # Application + End-to-End layers (default) | ||
Line 156: | Line 156: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
− | service | + | service snmpd restart |
</syntaxhighlight> | </syntaxhighlight> | ||
Line 163: | Line 163: | ||
− | Run the following command: | + | Run the following command, after reboot: |
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
Line 220: | Line 220: | ||
− | ----- System configuration ----- | + | - - - - - System configuration - - - - - |
Which files should we use? '''all''' | Which files should we use? '''all''' | ||
− | ----- System info ----- | + | - - - - - System info - - - - - |
Config MIB info? '''yes''' | Config MIB info? '''yes''' | ||
Line 234: | Line 234: | ||
− | ----- Access control ----- | + | - - - - - Access control - - - - - |
Configure access control? '''yes''' | Configure access control? '''yes''' | ||
Line 259: | Line 259: | ||
− | ----- SNMP trap (= send event and push data to server) ----- | + | - - - - - SNMP trap (= send event and push data to server) - - - - - |
Configure trap agent? '''yes''' | Configure trap agent? '''yes''' | ||
Line 280: | Line 280: | ||
− | ----- Monitoring configuration ----- | + | - - - - - Monitoring configuration - - - - - |
Monitor various aspects of the system? '''yes''' | Monitor various aspects of the system? '''yes''' | ||
Line 286: | Line 286: | ||
... From now on you can let the default option all the time ... | ... From now on you can let the default option all the time ... | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | Check the "snmpd.conf" file. If ok, replace the old one with the new and restart SNMP: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | # backup old file | ||
+ | cp /etc/snmp/snmpd.conf cp /etc/snmp/snmpd.conf.backup | ||
+ | |||
+ | # Copy new file | ||
+ | cp snmpd.conf /etc/snmpd/ | ||
+ | |||
+ | # restart SNMP service | ||
+ | service snmp restart | ||
+ | </syntaxhighlight> | ||
Latest revision as of 10:38, 27 October 2014
Contents
SNMP configuration
Simple Network Management Protocol (SNMP).
SNMP is a technnology use to monitor your network components, servers and workstations. Each component will expose some status, settings and events. All that can be use and process to generate health reports, alerts and trigger some actions.
Installation
You need to install SNMP + SNMPD packages. The daemon is required to start the SNMP agent automatically on each reboot.
apt-get install snmp snmpd
apt-get install libsnmp-perl libsnmp-info-perl
Since ubuntu 12.04 you need to install the sensors (MIBs) separatly due to legal issues.
apt-get install snmp-mibs-downloader
Zabbix server specific
Zabbix server also required some specific SNMP libraries:
apt-get install libnet-snmp-perl python-netsnmp
SNMP agent configuration
Edit the configuration file:
vim /etc/snmp/snmpd.conf
Adjust the following options:
####### General
# Run as SNMP agent
master agentx
###############################################################################
# AGENT BEHAVIOUR
#
# Listen for connection from all interfaces - required if you want to use a central monitoring server
agentAddress udp:161,udp6:[::1]:161
###############################################################################
# SNMPv3 AUTHENTICATION
#
createUser vehco
###############################################################################
# ACCESS CONTROL
#
# ... default "view" settings
####### SNMP v1 / SNMP v2
### Read / write communities
rwcommunity vehco 172.16.50.0/24
### Read-only communities
# Allow full access from localhost
rocommunity public default -V systemonly
# Allow full access to LAN community
rocommunity vehco 172.16.50.0/24
####### SNMP v3
## Read / write user
rwuser vehco noauth
## Read-only users
rouser authOnlyUser
rouser internalUser
###############################################################################
# SYSTEM INFORMATION
####### SysInformation
sysLocation Goteborg
sysContact Guillaume <guillaume@qin-diaz.com>
# Application + End-to-End layers (default)
sysServices 72
# ... default value for all others settings
###############################################################################
# ACTIVE MONITORING
#
####### Traps (SNMP event push)
# Note that you typically only want *one* of these three lines
# Uncommenting two (or all three) will result in multiple copies of each notification.
#
#### SNMP v1 receiver
#trapsink localhost public
#### SNMP v2 receiver
trap2sink smartcard-monitoring vehco
#### SNMP v2 informer
#trap2sink smartcard-monitoring vehco
# Trap community
trapcommunity vehco
# Send traps on authentication failure
authtrapenable 1
# ... default value for all others settings
SNMP daemon configuration
Since you have installed the "snmp-mibs-downloader" package you need to comment the default daemon option.
vim /etc/snmp/snmp.conf
Comment the "mibs" line:
#mibs :
Restart the SNMP service:
service snmpd restart
Service testing
Run the following command, after reboot:
# Localhost test
snmpwalk -v2c -c public localhost
# Check what's available on the network -- Use your own client's IP @
snmpwalk -v2c -c vehco 172.16.50.12
-Note-
- v2c = SNMP v2
- v3 = SNMP v3
Expected result:
- You should see some key:value in form of "IF-MIB::ifOperStatus.116 = INTEGER: up(1)" or "SNMPv2-MIB::sysServices.0 = INTEGER: 2"
Known bugs:
- if you see something like "iso.1.2.3.4 ... : value" then you forget to comment the mibs : in /etc/snmp/snmp.conf. You configuration is not correct.
Check that you can retrieve the rights params:
# Retrieve computer name [local]
snmpget -v2c -c public localhost "SNMPv2-MIB::sysName.0"
# Retrieve computer name [network]
snmpget -v2c -c vehco 172.16.50.12 "SNMPv2-MIB::sysName.0"
Interactive configuration
You can run the interactive configuration module if you'd like:
cd /tmp
snmpconf -g basic_setup
Then you'll have to answer a lot of questions!
- - - - - System configuration - - - - -
Which files should we use? all
- - - - - System info - - - - -
Config MIB info? yes
- location? Goteborg
- contact info? guillaume@qin-diaz.com
Set properly sysServices.0 UID? no
- - - - - Access control - - - - -
Configure access control? yes
Allow SNMPv3 user based read/write? yes
- SNMPv3 r/w username: vehco
- SNMPv3 user security: noauth
- OID restrictions? blank
- Another r/w user? no
Allow SNMPv3 user based read-only? no
Allow SNMPv2 r/w community? yes
- community name: vehco
- network: 172.16.50.0/24
- OID restrictions: blank
- Another r/w community? no
Allow SNMPv2 ro community? yes
- community name: public
- network: blank
- OID restrictions: blank
- Another ro community? no
- - - - - SNMP trap (= send event and push data to server) - - - - -
Configure trap agent? yes
Send SNMP trap on SNMP authentication failure? yes
Send SNMP trap on (Linux) authentication failure? 1 (1=yes)
Community to sent trap alerts and events? vehco
SNMPv2 - inform TRAP receiver? yes
- hostname: smartcard-monitoring
- community: vehco
- trap port: blank
- Another link? no
SNMPv2 - inform TRAP informer? no (!! if you say 'yes' then you'll have event duplication)
Send SNMPv1 trap? no
- - - - - Monitoring configuration - - - - -
Monitor various aspects of the system? yes
... From now on you can let the default option all the time ...
Check the "snmpd.conf" file. If ok, replace the old one with the new and restart SNMP:
# backup old file
cp /etc/snmp/snmpd.conf cp /etc/snmp/snmpd.conf.backup
# Copy new file
cp snmpd.conf /etc/snmpd/
# restart SNMP service
service snmp restart
References
- Official Linux documentation: https://help.ubuntu.com/community/SNMPAgent
- Nice tutorial - took me a while to found what the bug comes from: http://www.lampnode.com/linux/howto-install-and-setup-cacti-on-ubuntu-1404/