Tag Archive for snmp

Install CACTI Centos

Cacti is a complete frontend to RRDTool, it stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain Graphs, Data Sources, and Round Robin Archives in a database, cacti handles the data gathering. There is also SNMP support for those used to creating traffic graphs with MRTG.

Required software(s)

You need to install the following software on RHEL / Fedora / CentOS Linux:

  1. MySQL Server : Store cacti data.
  2. NET-SNMP server – SNMP (Simple Network Management Protocol) is a protocol used for network management.
  3. PHP with net-snmp module – Access SNMP data using PHP.
  4. Apache / lighttpd / ngnix webserver : Web server to display graphs created with PHP and RRDTOOL.

Install the software

First, login as root user and type the following command to install mysql, apache and php:
# yum install mysql-server mysql php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-snmp php-pear-Net-SMTP php-mysql httpd

Configure MySQL server

First, set root password:
# mysqladmin -u root password NEWPASSWORD

Create cacti MySQL database

Create a database called cacti, enter:
# mysql -u root -p -e 'create database cacti'
Create a user called cacti with a password called zYn95ph43zYtq, enter:
# mysql -u root -p

mysql> GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY 'zYn95ph43zYtq';
mysql> FLUSH privileges;
mysql> \q

Install snmpd

Type the following command to install net-snmpd
# yum install net-snmp-utils php-snmp net-snmp-libs
Configure snmpd, open /etc/snmp/snmpd.conf
# vi /etc/snmp/snmpd.conf
Append / modify it as follows (see snmpd.conf man page for details):

com2sec local     localhost           public
group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
view all    included  .1                               80
access MyRWGroup ""      any       noauth    exact  all    all    none
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

Save and close the file. Turn on snmpd service:
# /etc/init.d/snmpd start
# chkconfig snmpd on

Make sure you are getting information from snmpd:
# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
Sample ouptut:

IP-MIB::ipAdEntIfIndex.10.10.29.68 = INTEGER: 2
IP-MIB::ipAdEntIfIndex.67.yy.zz.eee = INTEGER: 3
IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 1

Install cacti

First, make sure EPEL repo is enabled. Type the following command to install cacti:
# yum install cacti

Install cacti tables

Type the following command to find out cacti.sql path:
# rpm -ql cacti | grep cacti.sql
Sample output:

/usr/share/doc/cacti-0.8.7d/cacti.sql

Type the following command to install cacti tables (you need to type the cacti user password):
# mysql -u cacti -p cacti < /usr/share/doc/cacti-0.8.7d/cacti.sql

Configure cacti

Open /etc/cacti/db.php file, enter:
# vi /etc/cacti/db.php
Make changes as follows:

 
/* make sure these values refect your actual database/host/user/password */
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "zYn95ph43zYtq";
$database_port = "3306";

Save and close the file.

Configure httpd

Open /etc/httpd/conf.d/cacti.conf file, enter:
# vi /etc/httpd/conf.d/cacti.conf
You need to update allow from line. Either set to ALL or your LAN subnet to allow access to cacti:

 
#
# Cacti: An rrd based graphing tool
#
Alias /cacti    /usr/share/cacti

<Directory /usr/share/cacti/>
        Order Deny,Allow
        Deny from all
        Allow from 10.0.0.0/8
</Directory>

Another option is create /usr/share/cacti/.htaccess file and password protect the directory. Finally, restart httpd:
# service httpd restart

Setup cacti cronjob

Open /etc/cron.d/cacti file, enter:
# vi /etc/cron.d/cacti
Uncomment the line:

*/5 * * * *     cacti   /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

Save and close the file.

Run cacti installer

Now cacti is ready to install. Fire a webbrowser and type the url:
http://your.example.com/cacti/
OR
http://your.server.ip.address/cacti/
Just follow on screen instructions. The default username and password for cacti is admin / admin. Upon first login, you will be force to change the default password.

How do I configure SNMP data collection?

SNMP can be used to monitor server traffic. Once installed login to cacti.
=> Click on Devices

=> Select Localhost

=> Make sure SNMP options are selected as follows:

Fig.01: SNMP configuration

Fig.01: SNMP configuration

Finally, click on Save button.

How do I create SNMP graphs?

Click on “Create Graphs for this Host” link on top right side.

Select SNMP – Interface Statistics

Select a graph type (such as In/Out bytes with total bandwidth)

Finally, click on Create button.

How do I view graphs?

To view graphs click on Graphs tab. Here is sample graph from one my own box:

 

Fig.02: Cacti in Action - Memory, CPU and Network Usage

Fig.02: Cacti in Action – Memory, CPU and Network Usage

Courtesy: www.cyberciti.biz/faq/fedora-rhel-install-cacti-monitoring-rrd-software/

Install SNMP Centos / RHEL

snmp

nstalling SNMP daemon and tools:

As root

yum -y install net-snmp.i686

yum -y install net-snmp-utils

Once these are installed start the snmp daemon:

/etc/init.d/snmpd start

chkconfig snmpd on

 

This is just the basic install but testing it :

snmpwalk -v 1 -c public -O e 127.0.0.1

For production servers it is advisable to at least change the community name.

All configs are in

/etc/snmp/snmpd.conf

In the first step we want to achieve that with a separate password to access from the local machine via time localhost and from the eignenen network segment only answer. The default template file we are now adjusting to our first test as described below.

and traps are setup here:

vi /etc/snmp/snmp.conf

snmpd.conf: 
# An example Developing poet configuration for configuring the ucd- SNMP snmpd agent. 
# 
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # 
# 
# This poet is only intended to be a starting off point. Many more 
# configuration directives exist than are mentioned in this poet. For 
# full details, see the snmpd.conf (5) manual page. 
# 
# All lines Beginning with a '#' are comments and are intended for you 
# to read. All patient lines are configuration commands for the agent.

###############################################################################
# Access Control
###############################################################################

# As shipped, the snmpd demon will only respond to queries on the
# system mib group until this file is replaced or modified for
# security purposes.  Examples are shown below about how to increase the
# level of access.

# By far, the most common question I get about the agent is "why won't
# it work?", when really it should be "how do I configure the agent to
# allow me to access it?"
#
# By default, the agent responds to the "public" community for read
# only access, if run out of the box without any configuration file in 
# place.  The following examples show you other ways of configuring
# the agent so that you can change the community names, and give
# yourself write access to the mib tree as well.
#
# For more information, read the FAQ as well as the snmpd.conf(5)
# manual page.

####
# First, map the community name "public" into a "security name"

Sec.name source community # 
# Django: 2012-07-17 
# default: default com2sec notConfigUser public 
com2sec local            localhost private
com2sec mynetworks 10.0.0.0 / 24      public

####
# Second, map the security name into a group name:

#       groupName      securityModel securityName
# Django : 2012-07-17
# default: group   notConfigGroup v1           notConfigUser
#          group   notConfigGroup v2c           notConfigUser
group   MyROGroup       v1      local
group   MyROGroup       v2c     local
group   MyROGroup       v1      mynetwork
group   MyROGroup       v2c     mynetwork

####
# Third, create a view for us to let the group have rights to:

# Make at least  snmpwalk -v 1 localhost -c public system fast again.
#       name           incl/excl     subtree         mask(optional)
# Django : 2012-07-17
# default: view    systemview    included   .1.3.6.1.2.1.1
#          view    systemview    included   .1.3.6.1.2.1.25.1.1
view    all     included        .iso      80

####
# Finally, grant the group read-only access to the systemview view.

#       group          context sec.model sec.level prefix read   write  notif
# Django : 2012-07-17
# default: access  notConfigGroup ""      any       noauth    exact  systemview none none
access  MyROGroup       ""      any     noauth  exact   all     none    none
access  MyRWGroup       ""      any     noauth  exact   all     all     none

# -----------------------------------------------------------------------------

# Here is a commented out example configuration that allows less
# restrictive access.

# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE.  YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.

##       sec.name  source          community
#com2sec local     localhost       COMMUNITY
#com2sec mynetwork NETWORK/24      COMMUNITY

##     group.name sec.model  sec.name
#group MyRWGroup  any        local
#group MyROGroup  any        mynetwork
#
#group MyRWGroup  any        otherv3user
#...

##           incl/excl subtree                          mask
#view all    included  .1                               80

## -or just the mib2 tree-

#view mib2   included  .iso.org.dod.internet.mgmt.mib-2 fc

##                context sec.model sec.level prefix read   write  notif
#access MyROGroup ""      any       noauth    0      all    none   none
#access MyRWGroup ""      any       noauth    0      all    all    all

###############################################################################
# Sample configuration to make net-snmpd RFC 1213.
# Unfortunately v1 and v2c don't allow any user based authentification, so
# opening up the default config is not an option from a security point.
#
# WARNING: If you uncomment the following lines you allow write access to your
# snmpd daemon from any source! To avoid this use different names for your
# community or split out the write access to a different community and 
# restrict it to your local network.
# Also remember to comment the syslocation and syscontact parameters later as
# otherwise they are still read only (see FAQ for net-snmp).
#

# First, map the community name "public" into a "security name"
#       sec.name        source          community
#com2sec notConfigUser   default         public

# Second, map the security name into a group name:
#       groupName       securityModel   securityName
#group   notConfigGroup  v1              notConfigUser
#group   notConfigGroup  v2c             notConfigUser

# Third, create a view for us to let the group have rights to:
# Open up the whole tree for ro, make the RFC 1213 required ones rw.
#       name            incl/excl       subtree mask(optional)
#view    roview          included        .1
#view    rwview          included        system.sysContact
#view    rwview          included        system.sysName
#view    rwview          included        system.sysLocation
#view    rwview          included        interfaces.ifTable.ifEntry.ifAdminStatus
#view    rwview          included        at.atTable.atEntry.atPhysAddress
#view    rwview          included        at.atTable.atEntry.atNetAddress
#view    rwview          included        ip.ipForwarding
#view    rwview          included        ip.ipDefaultTTL
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteDest
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMetric1
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMetric2
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMetric3
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMetric4
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteType
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteAge
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMask
#view    rwview          included        ip.ipRouteTable.ipRouteEntry.ipRouteMetric5
#view    rwview          included        ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex
#view    rwview          included        ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress
#view    rwview          included        ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress
#view    rwview          included        ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType
#view    rwview          included        tcp.tcpConnTable.tcpConnEntry.tcpConnState
#view    rwview          included        egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger
#view    rwview          included        snmp.snmpEnableAuthenTraps

# Finally, grant the group read-only access to the systemview view.
#       group          context sec.model sec.level prefix read   write  notif
#access  notConfigGroup ""      any       noauth    exact  roview rwview none

###############################################################################
# System contact information
#

# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file:

# Django : 2012-07-17
# default: syslocation Unknown (edit /etc/snmp/snmpd.conf)
#          syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
syslocation "vml000010, vHost auf pml010002, EDV-Schrank im UG - HE16, nausch.org"
syscontact django@nausch.org

# Example output of snmpwalk:
#   % snmpwalk -v 1 localhost -c public system
#   system.sysDescr.0 = "SunOS name sun4c"
#   system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
#   system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
#   system.sysContact.0 = "Me <me@somewhere.org>"
#   system.sysName.0 = "name"
#   system.sysLocation.0 = "Right here, right now."
#   system.sysServices.0 = 72

###############################################################################
# Logging
#

# We do not want annoying "Connection from UDP: " messages in syslog.
# If the following option is commented out, snmpd will print each incoming
# connection, which can be useful for debugging.
 
dontLogTCPWrappersConnects yes

# -----------------------------------------------------------------------------

###############################################################################
# Process checks.
#
#  The following are examples of how to use the agent to check for
#  processes running on the host.  The syntax looks something like:
#
#  proc NAME [MAX=0] [MIN=0]
#
#  NAME:  the name of the process to check for.  It must match
#         exactly (ie, http will not find httpd processes).
#  MAX:   the maximum number allowed to be running.  Defaults to 0.
#  MIN:   the minimum number to be running.  Defaults to 0.

#
#  Examples (commented out by default):
#

#  Make sure mountd is running
#proc mountd

#  Make sure there are no more than 4 ntalkds running, but 0 is ok too.
#proc ntalkd 4

#  Make sure at least one sendmail, but less than or equal to 10 are running.
#proc sendmail 10 1

#  A snmpwalk of the process mib tree would look something like this:
# 
# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2
# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1
# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2
# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3
# enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd"
# enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd"
# enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail"
# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0
# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0
# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1
# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0
# enterprises.ucdavis.procTable.prEntry.prMax.2 = 4
# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10
# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0
# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0
# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0
# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running."
# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = ""
# enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = ""
# enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0
# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0
# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0
#
#  Note that the errorFlag for mountd is set to 1 because one is not
#  running (in this case an rpc.mountd is, but thats not good enough),
#  and the ErrMessage tells you what's wrong.  The configuration
#  imposed in the snmpd.conf file is also shown.  
# 
#  Special Case:  When the min and max numbers are both 0, it assumes
#  you want a max of infinity and a min of 1.
#

# -----------------------------------------------------------------------------

###############################################################################
# Executables/scripts
#

#
#  You can also have programs run by the agent that return a single
#  line of output and an exit code.  Here are two examples.
#
#  exec NAME PROGRAM [ARGS ...]
#
#  NAME:     A generic name. The name must be unique for each exec statement.
#  PROGRAM:  The program to run.  Include the path!
#  ARGS:     optional arguments to be passed to the program

# a simple hello world

#exec echotest /bin/echo hello world

# Run a shell script containing:
#
# #!/bin/sh
# echo hello world
# echo hi there
# exit 35
#
# Note:  this has been specifically commented out to prevent
# accidental security holes due to someone else on your system writing
# a /tmp/shtest before you do.  Uncomment to use it.
#
#exec shelltest /bin/sh /tmp/shtest

# Then, 
#% snmpwalk-v 1-c public localhost .1.3. 6 .1.4.1.2021.8 
enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1 # 
# = enterprises.ucdavis.extTable.extEntry.extIndex.2 2 
# enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest" 
# enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest" 
# enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/ bin / echo hello world " 
# enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/ bin / sh / tmp / shtest" 
enterprises.ucdavis.extTable.extEntry.extResult.1 = 0 # 
# enterprises.ucdavis.extTable.extEntry. extResult.2 = 35 
# enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world." 
# enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world." 
# enterprises.ucdavis.extTable.extEntry. extErrFix.1 = 0 
= 0 # enterprises.ucdavis.extTable.extEntry.extErrFix.2

# Note that the second line of the /tmp/shtest shell script is cut
# off.  Also note that the exit status of 35 was returned.

# -----------------------------------------------------------------------------

###############################################################################
# disk checks
#

# The agent can check the amount of available disk space, and make
# sure it is above a set limit.  

# disk PATH [MIN=100000]
#
# PATH:  mount path to the disk in question.
# MIN:   Disks with space below this value will have the Mib's errorFlag set.
#        Default value = 100000.

# Check the / partition and make sure it contains at least 10 megs.

#disk / 10000

#% Snmpwalk-v 1-c public localhost .1.3. 6 .1.4.1.2021.9 
enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0 # 
# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F 
# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/ dev/dsk/c201d6s0" 
enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000 # 
# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130 
# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 31 6 325 
437 092 = # enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 
enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58 # 
# enterprises.ucdavis . diskTable.dskEntry.diskErrorFlag.1 = 0 
# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = ""

# Django: 2012-07-31 
# folgende partition definiert 
disk / 
disk / boot
disk /var/log

# -----------------------------------------------------------------------------

###############################################################################
# load average checks
#

# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX:   If the 1 minute load average is above this limit at query
#         time, the errorFlag will be set.
# 5MAX:   Similar, but for 5 min average.
# 15MAX:  Similar, but for 15 min average.

# Check for loads:
load 12 14 14

#% Snmpwalk-v 1-c public localhost .1.3. 6 .1.4.1.2021.10 
enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 # 1 = 
# 2 = enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 
# enterprises . ucdavis.loadTable.laEntry.loadaveIndex.3 = 3 
# enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1" 
# enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5" 
# enterprises . ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15" 
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "00:49" Hex: 30 2E 34 39 
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "00:31" Hex: 30 2E 33 31 
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.2 6 "Hex: 30 2E 32 3 6 
 # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12:00" 
# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14:00" 
# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14:00" 
enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0 # 
# enterprises.ucdavis . loadTable.laEntry.loadaveErrorFlag.2 = 0 
= 0 enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 # 
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = "" 
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage. 2 = "" 
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = ""

# -----------------------------------------------------------------------------

###############################################################################
# Extensible sections.
# 

# This alleviates the multiple line output problem found in the
# previous executable mib by placing each mib in its own mib table:

# Run a shell script containing:
#
# #!/bin/sh
# echo hello world
# echo hi there
# exit 35
#
# Note:  this has been specifically commented out to prevent
# accidental security holes due to someone else on your system writing
# a /tmp/shtest before you do.  Uncomment to use it.
#
# exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest

#% Snmpwalk-v 1-c public localhost .1.3. 6 .1.4.1.2021.50 
enterprises.ucdavis.50.1.1 = 1 # 
# enterprises.ucdavis.50.2.1 = "shelltest" 
# enterprises.ucdavis.50.3.1 = "/ bin / sh / tmp / shtest" 
enterprises.ucdavis.50.100.1 = 35 # 
# enterprises.ucdavis.50.101.1 = "hello world." 
# enterprises.ucdavis.50.101.2 = "hi there." 
# enterprises.ucdavis.50.102.1 = 0

# Now the Output has grown to two lines, and we can see the 'hi
# there.' output as the second line from our shell script.
#
# Note that you must alter the mib.txt file to be correct if you want
# the .50.* outputs above to change to reasonable text descriptions.

Other ideas #: 
# 
# exec .1.3. 6 .1.4.1.2021.51 ps / bin / ps 
# exec .1.3. 6 .1.4.1.2021.52 top / usr / local / bin / top 
# exec .1.3. 6 . 1.4.1.2021.53 mailq / usr / bin / mailq

# -----------------------------------------------------------------------------

###############################################################################
# Pass through control.
# 

# Usage:
#   pass MIBOID EXEC-COMMAND
#
# This will pass total control of the mib underneath the MIBOID
# portion of the mib to the EXEC-COMMAND.  
#
# Note:  You'll have to change the path of the passtest script to your
# source directory or install it in the given location.
# 
# Example:  (see the script for details)
#           (commented out here since it requires that you place the
#           script in the right location. (its not installed by default))

# .1.3 Pass. 6 .1.4.1.2021.255 / bin / sh / usr / local / local / passtest

#% Snmpwalk-v 1-c public localhost .1.3. 6 .1.4.1.2021.255 
# enterprises.ucdavis.255.1 = "life the universe and everything" 
enterprises.ucdavis.255.2.1 = 42 # 
# enterprises.ucdavis.255.2 .2 = OID: 42.42.42 
# enterprises.ucdavis.255.3 = Timeticks: (3 6 313 6 200) 42 days, 0:42:42 
# enterprises.ucdavis.255.4 = IPAddress: 127.0.0.1 
# enterprises.ucdavis.255.5 = 42 
# enterprises.ucdavis.255. 6 = Gauge: 42 
# 
#% snmpget-v 1 localhost public .1.3. 6 .1.4.1.2021.255.5 
enterprises.ucdavis.255.5 = # 42 
# 
#% snmpset-v 1 localhost public .1.3. 6 .1.4.1.2021.255.1 s "New string" 
# enterprises.ucdavis.255.1 = "New string" 
#

# For specific usage information, see the man/snmpd.conf.5 manual page
# as well as the local/passtest script used in the above example.

###############################################################################
# Further Information
#
#  See the snmpd.conf manual page, and the output of "snmpd -H".

After the configuration file is populated with a lot of comments, see you only look at what is there currently enabled.
# egrep -v '(^.*#|^$)' /etc/snmp/snmpd.conf 

With this minimal configuration of the SNMP daemon following parameters can be queried:

  • CPU load and average load (load)
  • Number of processes
  • Memory and swap usage
  • Disk Utilization
  • logged in user
  • Network interface

Server startup

The first launch of our daemons is the usual syntax diagram:

 # service snmpd start
 start snmpd: [OK]

In syslog the successful start is acknowledged accordingly:

Nss Jan 10 14:12:38 snmpd [2782 6 ]: Creating directory: / var/net- snmp  
 nss Jan 10 14:12:38 snmpd [2782 6 ]: NET- SNMP version 5.3.1

In order for the snmp daemon snmpd starts automatically at every system start, the establishment of a start-script can be reached via the following command:

  # chkconfig snmpd on

A check whether the service (daemon) really sshd is started at each boot automatically, can be achieved by following command:

 # chkconfig --list | grep snmpd
 snmpd 0: OFF 1: OFF 2: ON 3: on 4: on 5: A    6 : Off

erster Test the Minimal Configuration

In our first configuration, we have indicated that both localhost and mynetwork should be used different passwords. Now we want to try this in the first Test. For testing we use the program snmpwalk from the RPM package net- snmp -utils .

a description of the options we need to refer to the man page of snmpwalk .

 Man # snmpwalk