This shows you the differences between two versions of the page.
simple_snmp [2007/08/29 00:07] adam |
simple_snmp [2016/11/25 22:38] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Simple SNMP on Windows and Linux ===== | ||
- | This page describes a simple SNMP setup for Linux and Windows with graphs for output. It doesn' | ||
- | |||
- | ==== Basics ==== | ||
- | |||
- | Simple Network Management Protocol is a protocol used to querying hosts for information about their status, such as CPU usage, bandwidth usage, memory usage and so on. SNMP uses UDP port 161. There are 3 SNMP versions: 1, 2c and 3. Put simply, 2c offers more information than 1, but both pass the community name in clear text. A community name is like a password for SNMP. For greater security, including encryption, use SNMP v3. SNMP v3 is not covered here as at that point, your usage goes beyond simple. Do not run SNMP across a hostile network like the Internet. | ||
- | |||
- | You can graph the statistics retrieved using SNMP using tools like MRTG, ZenOSS, Cacti and so on to monitor patterns in system state and resource usage over time. This can help identify issues, anomolies and potentially, | ||
- | |||
- | Most networking devices such as routers (even home consumer routers) and managed switches offer SNMP support. The most common usage of SNMP is in querying for system status information as described above, but it is also possible to write values to a system using SNMP and using certain types of system events as what are called SNMP traps, which are sent to a monitoring system which will generate alerts for the system administrators. Neither SNMP writes or SNMP traps are discussed here. Perhaps they will be in an update at some point. | ||
- | |||
- | Information is stored in a tree like structure as far as SNMP is concerned. MIBs (Management Information Bases) are essentially like branches on the tree, they are groups of related SNMP data, such as system data, interface data. OIDs (object identifiers) are leaves on the tree, that is, they are individual items of queryable data. Phew. Technical. OIDs are normally numeric values, but thankfully most have human memorable names. MIBs are stored as text files under / | ||
- | |||
- | Many network hardware vendors provide MIBs which map their specific hardware information (temperatures, | ||
- | |||
- | I once heard SNMP described as, "The S in SNMP is for simple, but that does not mean it is trivial." | ||
- | |||
- | ==== Install Software ==== | ||
- | |||
- | On all machines install the SNMP daemon or service. Most SNMP implementations on Linux can serve SNMP version 1, 2c and 3. Windows SNMP, at least in Windows 2000 and XP serves SNMP v1 and 2c only. Windows Vista people will have to figure it out themselves. | ||
- | |||
- | === For Fedora/Red Hat/CentOS === | ||
- | |||
- | yum install net-snmp | ||
- | |||
- | === Debian/ | ||
- | |||
- | apt-get install snmpd | ||
- | |||
- | === Windows XP/2000 === | ||
- | |||
- | Go to the Add/Remove Programs applet in the Control Panel, go to Add/Remove Windows Components and install the Network Management Tools. You will need your Windows install CD if the files aren't already cached on your hard disk. Note that the Windows SNMP service is started immediately. Windows Vista people will have to figure it out themselves. | ||
- | |||
- | ==== Configure the SNMP Service/ | ||
- | |||
- | === Linux === | ||
- | |||
- | Go to /etc/snmp and run: | ||
- | |||
- | cp snmpd.conf snmpd.conf.orig; | ||
- | |||
- | This gives us a clean snmpd.conf to play with rather than editing the considerable default config. | ||
- | |||
- | Add the following to snmpd.conf: | ||
- | |||
- | rocommunity < | ||
- | syslocation < | ||
- | syscontact < | ||
- | | ||
- | ## | ||
- | ## | ||
- | com2sec | ||
- | com2sec | ||
- | com2sec | ||
- | | ||
- | ## | ||
- | ## | ||
- | group MyROGroup_1 | ||
- | group MyROGroup_1 | ||
- | group MyROGroup_2 | ||
- | | ||
- | ## | ||
- | ## | ||
- | view all-mibs | ||
- | | ||
- | ## MIB | ||
- | ## group.name | ||
- | ## ========== | ||
- | access | ||
- | access | ||
- | |||
- | Note of course to change the values in angled brackets to be suitable for your environment. Be sure to give a community name which is unique on your network. Community names are like SNMP passwords. The common default is the word public, so don't use that for security reasons. Also specify the IP address of the server which will be used to collect SNMP data, it is best to narrow it down as far as possible to single IP addresses or IP ranges. | ||
- | |||
- | Syslocation is an arbitrary string which says where the machine is physically located and the syscontact is the email address of the system administrator. | ||
- | |||
- | Much of the above config is taken from [[http:// | ||
- | |||
- | So, restart your SNMP daemon to come up with the new config. | ||
- | |||
- | === Windows XP/2000 === | ||
- | |||
- | Go to the Control Panel, Administrative Tools and then Services. Double-click SNMP Service and select the Agent tab. Provide a sysadmin email address and a location. Optionally add Physical and Datalink and subnetwork if you think you need them. The choose the Security tab. Edit the read-only community name and make it the same as the one you use on your other machines as detailed in the Linux configuration above, unless you specifically want a different community name. | ||
- | |||
- | It is best practice to narrow down the hosts you will accept SNMP requests from so click Accept SNMP packets from these hosts and add the host from which you will be querying, then click Ok. Windows SNMP Service automatically restarts with the new configuration when you make changes to it, which is nice of it. | ||
- | |||
- | As usual, Vista people are on their own here. | ||
- | |||
- | You need to make your firewall allow SNMP queries from your query machine, you have a firewall right? Windows Firewall doesn' | ||
- | |||
- | ==== Set Up Your SNMP Query Host ==== | ||
- | |||
- | You need a machine to make requests from and this should be the machine which you have in your SNMP configuration on the other machines. For Windows, I don't know what you're going to do, I don't use Windows for anything network related, so you're on your own. You'll probably have to pay someone money for some software, but you could try starting with the snmp command or look at PRTG for graphing, it should point you in the right direction. | ||
- | |||
- | On Fedora: | ||
- | |||
- | yum install net-snmp-utils | ||
- | |||
- | On Debian/ | ||
- | |||
- | apt-get install snmp | ||
- | |||
- | |||
- | ==== Running SNMP Queries ==== | ||
- | |||
- | Now you want to do some queries, on Debian and Red Hat distros, run: | ||
- | |||
- | snmpwalk -c < | ||
- | |||
- | ...where < | ||
- | |||
- | You can do the same but specify a subset of OIDs to query: | ||
- | |||
- | snmpwalk -c < | ||
- | |||
- | Here we are just asking for all of the interface related OIDs. Or: | ||
- | |||
- | snmpwalk -c < | ||
- | |||
- | Good huh? | ||
- | |||
- | |||
- | ==== Graphing Your Output ==== | ||
- | |||
- | So, you want to do something useful with your SNMP output, because it's just a great big list of crap? On Linux, use [[http:// | ||
- | |||
- | The following example details how to get bandwidth usage graphs. You can take it further by reading [[http:// | ||
- | |||
- | === Install MRTG === | ||
- | |||
- | You should know how to install a package by now: | ||
- | |||
- | apt-get install mrtg | ||
- | |||
- | or | ||
- | |||
- | yum install mrtg | ||
- | |||
- | Your distro will probably create you a directory under /var/www for mrtg so try http:// | ||
- | |||
- | Next you need to create some MRTG config files for the hosts you will query: | ||
- | |||
- | cfgmaker --output=/ | ||
- | |||
- | Be sure of course to change the name of the config file to the name of the machine, the community name and the IP of the host to query. Also be sure to put the path to your web server' | ||
- | |||
- | Now create an page for your output: | ||
- | |||
- | indexmaker --output=/ | ||
- | |||
- | or even an index page with all of your hosts on: | ||
- | |||
- | indexmaker --output=/ | ||
- | |||
- | Now run an mrtg command to create some output: | ||
- | |||
- | env LANG=C / | ||
- | |||
- | You will need to run the command at least 3 time until it produces no errors, while MRTG tries to rotate pre-existing stats which don't exist, this is nothing to worry about. The 'env LANG=C' | ||
- | |||
- | Then browse to your MRTG page to see the output. There will probably be an empty looking graph, which is fine because we've barely collected any stats. | ||
- | |||
- | Add the following line to the crontab of a user which is able to write to your web server' | ||
- | |||
- | '' | ||
- | |||
- | This will make MRTG collect stats via SNMP every 5 minutes. Do the same for any other hosts you wish to graph. Note that I have redirected all standard output and errors to /dev/null, so I don't have to hear about it if it doesn' | ||
- | |||
- | And that, my friend, is it. You should try graphing CPU, disk and memory usage, system load, component temperatures and so on. MRTG is able to graph anything which you pass it information for and SNMP can make most of that information available over a network. | ||
- | |||
- | TODO: | ||
- | |||
- | Links |
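Review bot: The 2016/11/25 revision line shows no author or edit summary, yet every line from the title down to the TODO and Links stubs is removed and nothing replaces it, so the reason for blanking the page is undocumented. If the page is being retired because it covers only SNMP v1 and 2c, which the removed Basics paragraph itself says pass the community name in clear text, state that in the edit summary and leave a short stub pointing readers to SNMP v3 guidance. If the material is moving elsewhere, the hardening advice in the removed Configure section should move with it: a community name other than public, queries accepted only from the collector's single IP address or range, and the matching "Accept SNMP packets from these hosts" restriction on Windows. The crontab step that redirects all MRTG output and errors to /dev/null is the one part I would not carry over unchanged, since a collector that fails silently leaves gaps in the graphs with no record of why.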