Cacti (home)ForumsRepositoryDocumentation

Setting Up SNMP

This HowTo will explain how to install and configure the Net-SNMP agent. At time of writing, the latest version available is 5.4 (published on 12/06/2006).

Getting Net-SNMP binaries

Depending on your operating system, you'll find packages or tarballs to install Net-SNMP :

Building the Net-SNMP agent from source

If you can't find binaries for your architecture, you can build the Net-SNMP agent from sources.

Here's how to get the configure options of an already running Net-SNMP agent:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.100.6.0 
UCD-SNMP-MIB::versionConfigureOptions.0 = STRING: "'-disable-shared' '--with-mib-modules=host/hr_system'" 

Configuring the Net-SNMP agent

Depending on how you've installed Net-SNMP, the main configuration file (snmpd.conf) is located in /etc/snmp (installation from package) or /usr/local/share/snmp (installation from tarball).

Please note that you need to restart (or send the HUP signal) the snmpd daemon whenever you modify snmpd.conf

The minimum configuration is this one:

rocommunity public

This will enable SNMP version 1/2 read-only requests from any host, with the community name public.
With this minimal configuration, you'll be able to graph CPU usage, load average, network interfaces, memory/swap usage, logged in users and number of processes.

You can restrict from which hosts SNMP queries are allowed:

rocommunity public 127.0.0.1
rocommunity test 87.65.43.21

By default Net-SNMP listens on UDP port 161 on all IPv4 interfaces.
With the following example, Net-SNMP will listen on UDP port 10000 on 10.20.30.40 IP address:

agentaddress 10.20.30.40:10000

You can also make it listens on TCP, which is supported by Cacti

agentaddress tcp:161

The “tcp” keyword can then be used in Cacti :

listenstcpjt0

For those who want some more security, you can use the SNMP version 3 protocol, with MD5 or SHA hashing:

createUser frederic MD5 mypassphrase DES
group groupv3             usm      frederic
view    all included   .iso      80
access groupv3         ""        any       auth      exact    all         all        all

This creates a user “frederic” whose password is “mypassphrase”. To test it:

# snmpget -v 3 -l AuthNoPriv -u frederic -A mypassphrase 10.50.80.45 sysName.0
SNMPv2-MIB::sysName.0 = STRING: cyclopes

In Cacti, add your device, choose SNMP version 3, and fill the username and password fields:
snmpv3gr1

Now that you're done with access control, add these 2 lines in snmpd.conf to indicate the location and contact name of your device:

syslocation Bat. C2
syscontact someone@somewhere.org

They will then appear in Cacti management interface :

syslocationhb2

Some OIDs return a unit, eg ”-153.1 dBm”.
It's a safe idea to turn this off, by adding this to snmpd.conf:

dontPrintUnits true

Next step is to graph filesystems in Cacti; the easyest way is to add this line in snmpd.conf:

includeAllDisks

When you'll run the “ucd/net - Get Monitored Partitions” Data Query, all the mounted filesystems will show up:

disktableuk6

If you want a filesystem not to be listed here, add this line to snmpd.conf:

ignoredisk /dev/rdsk/c0t2d0

Unfortunatly, some older versions of Net-SNMP do not fully work with the includeAllDisks keyword :-?
You'll then have to list explicitly all filesystems you want to graph:

disk /
disk /usr
disk /var
disk /oracle 

You can also specify NFS mount points.

Please note that the Net-SNMP agent can only report filesystems which where mounted before its start.
If you manually mount filesystems later, you'll have to reload the Net-SNMP agent (send the HUP signal).

You can also graph processes, by adding this to snmpd.conf:

proc httpd

The result will be accessible under the ucdavis.prTable.prEntry tree:

  • prCount, number of current processes running with the name in question
  • prNames, the process name you're counting.

In our example, the number of Apache processes will be available under the .1.3.6.1.4.1.2021.2.1.5 OID Some useful mib modules are:

  • mibII/mta_sendmail, to graph MTA (Sendmail, Postfix, etc.) statistics
  • diskio, to enable to graph I/O statistics
  • ucd-snmp/lmSensors, for hardware monitoring (Linux and Solaris only)

Mib modules can be added like this:

$ ./configure --with-mib-modules="module1 module2" 

To compile Net-SNMP and build a compressed archive, follow these steps:

$ ./configure --with-your-options
$ make
# mkdir /usr/local/dist
# make install prefix=/usr/local/dist/usr/local exec_prefix=/usr/local/dist/usr/local
# cd /usr/local/dist
# tar cvf /tmp/net-snmp-5.3.1-dist.tar usr
# gzip /tmp/net-snmp-5.3.1-dist.tar
# rm -rf /usr/local/dist 

You can then copy the /tmp/net-snmp-5.3.1-dist.tar.gz file to other servers, and uncompress it from the root directory (everything will get extracted to /usr/local).

Test your configuration

Once Net-SNMP is configured and started, here's how to test it:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.1.1.0
SNMPv2-MIB::sysDescr.0 = STRING: Linux cronos 2.4.28 #2 SMP ven jan 14 14:12:01 CET 2005 i686

This basic query shows that your Net-SNMP agent is reachable.

You can even query which Net-SNMP version is running on a host:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.100.2.0
UCD-SNMP-MIB::versionTag.0 = STRING: 5.2.1.2

An answer like that one

$ snmpwalk -v 1 -c foo localhost .1.3.6.1.2.1.1.1.0
Timeout: No Response from localhost

indicates that either the agent is not started, or that the community string is incorrect, or that this device is unreachable. Check your community string, add firewall rules if necessary, etc.

If using SNMP version 3, specifying an unknown user will result in this error message :

$ snmpget -v 3 -l AuthNoPriv -u john -A mypassphrase 10.50.80.45 sysName.0
snmpget: Unknown user name

An incorrect passphrase will result in this error message :

$ snmpget -v 3 -l AuthNoPriv -u frederic -A badpassphrase 10.50.80.45 sysName.0
snmpget: Authentication failure (incorrect password, community or key)

This query will show you what filesystems are mounted:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.9.1.2
UCD-SNMP-MIB::dskPath.1 = STRING: /
UCD-SNMP-MIB::dskPath.2 = STRING: /BB
UCD-SNMP-MIB::dskPath.3 = STRING: /dev/shm

If the answer is empty, usually it means the includeAllDisks is not supported by your Net-SNMP agent (you'll have to list each filesystem you want to graph as explained in previous chapter).

Finally, this query will you display your network interfaces:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.2.2.1.2
IF-MIB::ifDescr.1 = STRING: lo
IF-MIB::ifDescr.2 = STRING: eth0
IF-MIB::ifDescr.3 = STRING: eth1

Extending the SNMP Agent

A great functionnality of Net-SNMP is that you can “extend” it.

Let's run the /tmp/foo.sh script:

$ /tmp/foo.sh -arg1
123

Now put this in snmpd.conf:

exec foo /bin/sh /tmp/foo.sh -arg1

The result of your script will be accessible under the ucdavis.extTable.extEntry tree: * output of the script : ucdavis.extTable.extEntry.extOutput * exit status: ucdavis.extTable.extEntry.extResult * command: ucdavis.extTable.extEntry.extCommand

You can check the result with this SNMP query:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.8.1
UCD-SNMP-MIB::extIndex.1 = INTEGER: 1
UCD-SNMP-MIB::extNames.1 = STRING: foo
UCD-SNMP-MIB::extCommand.1 = STRING: /bin/sh /tmp/foo.sh -arg1
UCD-SNMP-MIB::extResult.1 = INTEGER: 0
UCD-SNMP-MIB::extOutput.1 = STRING: 123
UCD-SNMP-MIB::extErrFix.1 = INTEGER: 0
UCD-SNMP-MIB::extErrFixCmd.1 = STRING:

extOutput translates to .1.3.6.1.4.1.2021.8.1.101 As “foo” is our first exec directive, add .1 at the end of the OID.

In Cacti, use the “SNMP - Generic OID Template” like this:

footh8

Voila! Result of the /tmp/foo.sh script is now graphed in Cacti.

Now let's run this second script, which returns more than one result:

$ /tmp/bar.sh
456
789

It returns two values, one per line (this is important).

Another way to call scripts from snmpd.conf is by specifying an OID, like this:

exec .1.3.6.1.4.1.2021.555 /bin/sh /tmp/bar.sh

Run this query:

$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.555
UCD-SNMP-MIB::ucdavis.555.1.1 = INTEGER: 1
UCD-SNMP-MIB::ucdavis.555.2.1 = STRING: "/bin/sh"
UCD-SNMP-MIB::ucdavis.555.3.1 = STRING: "/tmp/bar.sh"
UCD-SNMP-MIB::ucdavis.555.100.1 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.555.101.1 = STRING: "456"
UCD-SNMP-MIB::ucdavis.555.101.2 = STRING: "789"
UCD-SNMP-MIB::ucdavis.555.102.1 = INTEGER: 0
UCD-SNMP-MIB::ucdavis.555.103.1 = ""

First line returned by the script will be available at .1.3.6.1.4.1.2021.555.101.1, second one at .1.3.6.1.4.1.2021.555.101.2, and so on.

You can then use the “SNMP - Generic OID Template” in Cacti (one Data Source per OID).

Let's say you want to count the number of entries in a log file. Add this to snmpd.conf:

logmatch cactistats /home/cactiuser/cacti/log/cacti.log 120 SYSTEM STATS

* the global count of matches will be available under the .1.3.6.1.4.1.2021.16.2.1.5.1 OID * the “Regex match counter” (which is reset with each file rotation) will be available under the .1.3.6.1.4.1.2021.16.2.1.7.1 OID

To list all the available variables, use this query:

$ snmpwalk -v 1 -c public localhost logMatch
UCD-SNMP-MIB::logMatchMaxEntries.0 = INTEGER: 50
UCD-SNMP-MIB::logMatchIndex.1 = INTEGER: 1
UCD-SNMP-MIB::logMatchName.1 = STRING: cactistats
UCD-SNMP-MIB::logMatchFilename.1 = STRING: /home/cactiuser/cacti/log/cacti.log
UCD-SNMP-MIB::logMatchRegEx.1 = STRING: SYSTEM STATS
UCD-SNMP-MIB::logMatchGlobalCounter.1 = Counter32: 301634
UCD-SNMP-MIB::logMatchGlobalCount.1 = INTEGER: 301634
UCD-SNMP-MIB::logMatchCurrentCounter.1 = Counter32: 6692
UCD-SNMP-MIB::logMatchCurrentCount.1 = INTEGER: 6692
UCD-SNMP-MIB::logMatchCounter.1 = Counter32: 1
UCD-SNMP-MIB::logMatchCount.1 = INTEGER: 0
UCD-SNMP-MIB::logMatchCycle.1 = INTEGER: 120
UCD-SNMP-MIB::logMatchErrorFlag.1 = INTEGER: 0
UCD-SNMP-MIB::logMatchRegExCompilation.1 = STRING: Success

We'll then use another interesting directive, the “proxy” one. Let's take for example the Squid proxy : when enabled, its SNMP agent listen to UDP 3401 port. If you want to have system graphs and Squid graphs without declaring 2 devices in Cacti, add this in snmpd.conf:

proxy -v 1 -c public localhost:3401 .1.3.6.1.4.1.3495.1

The Squid SNMP tree will be available under the .1.3.6.1.4.1.3495.1 branch.

Let's query this host:

$ snmpwalk -v 1 -c public 10.151.33.3 sysdescr
SNMPv2-MIB::sysDescr.0 = STRING: Linux srv1.foo.com 2.6.8.1-12mdk #1 Fri Oct 1 12:53:41 CEST 2004 i686

And here's the Squid part (this specific OID returns the Squid version):

$ snmpwalk -v 1 -c public 10.151.33.3 .1.3.6.1.4.1.3495.1.2.3.0
SNMPv2-SMI::enterprises.3495.1.2.3.0 = STRING: "2.5.STABLE6"

Here, you'll find how to enable the Squid SNMP agent.