Setting Up SNMP
This HowTo will explain how to install and configure the Net-SNMP agent. At time of writing, the latest version available is 5.4 (published on 12/06/2006).
Getting Net-SNMP binaries
Depending on your operating system, you'll find packages or tarballs to install Net-SNMP :
- Linux
Usually every Linux distribution comes with Net-SNMP packages :- RedHat / Fedora : install the net-snmp, net-snmp-libs and net-snmp-utils packages
- Debian / Ubuntu: install the libsnmp-base, libsnmp5, snmp and snmpd packages
- SuSE : install the net-snmp package
- Gentoo : simply emerge the net-snmp ebuild
- Mandriva : install the libnet-snmp5, net-snmp and net-snmp-utils packages.
- AIX
Packages were are available in the University of California Repository, but it's no longer available.
You can find Net-SNMP 5.0.3 for AIX 5.1 on the Bull AIX freeware site. - Solaris
Solaris 10 ships with Net-SNMP 5.0.9 For older Solaris releases, packages are available in the Sunfreeware repository :- release 5.1.1 for Solaris 2.5 SparcFor these packages to work, OpenSSL and GCC libraries need to be installed also.Tarballs are also available from the Net-SNMP main site :
- release 5.2.2 for Solaris 7 on sun4u hardwareThese tarballs have to be extracted from / has they contain absolute paths.
Files are copied to /usr/local/share/snmp, /usr/local/libs, /usr/local/include/net-snmp, /usr/local/man, /usr/local/bin and /usr/local/sbin
- HP-UX
Tarballs are available from the Net-SNMP main site :- release 5.4 for HP-UX 10.20 PA-RISCThese tarballs have to be extracted from / has they contain absolute paths. Beware that the binaries are not stripped in these tarballs, this waste a lot space.
Files are copied to /usr/local/share/snmp, /usr/local/libs, /usr/local/include/net-snmp, /usr/local/man, /usr/local/bin and /usr/local/sbin
- FreeBSD
Net-SNMP is available through the ports
Building the Net-SNMP agent from source
If you can't find binaries for your architecture, you can build the Net-SNMP agent from sources.
Here's how to get the configure options of an already running Net-SNMP agent:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.100.6.0 UCD-SNMP-MIB::versionConfigureOptions.0 = STRING: "'-disable-shared' '--with-mib-modules=host/hr_system'"
Configuring the Net-SNMP agent
Depending on how you've installed Net-SNMP, the main configuration file (snmpd.conf) is located in /etc/snmp (installation from package) or /usr/local/share/snmp (installation from tarball).
Please note that you need to restart (or send the HUP signal) the snmpd daemon whenever you modify snmpd.conf
The minimum configuration is this one:
rocommunity public
This will enable SNMP version 1/2 read-only requests from any host, with the community name public.
With this minimal configuration, you'll be able to graph CPU usage, load average, network interfaces, memory/swap usage, logged in users and number of processes.
You can restrict from which hosts SNMP queries are allowed:
rocommunity public 127.0.0.1 rocommunity test 87.65.43.21
By default Net-SNMP listens on UDP port 161 on all IPv4 interfaces.
With the following example, Net-SNMP will listen on UDP port 10000 on 10.20.30.40 IP address:
agentaddress 10.20.30.40:10000
You can also make it listens on TCP, which is supported by Cacti
agentaddress tcp:161
The “tcp” keyword can then be used in Cacti :
For those who want some more security, you can use the SNMP version 3 protocol, with MD5 or SHA hashing:
createUser frederic MD5 mypassphrase DES group groupv3 usm frederic view all included .iso 80 access groupv3 "" any auth exact all all all
This creates a user “frederic” whose password is “mypassphrase”. To test it:
# snmpget -v 3 -l AuthNoPriv -u frederic -A mypassphrase 10.50.80.45 sysName.0 SNMPv2-MIB::sysName.0 = STRING: cyclopes
In Cacti, add your device, choose SNMP version 3, and fill the username and password fields:
Now that you're done with access control, add these 2 lines in snmpd.conf to indicate the location and contact name of your device:
syslocation Bat. C2 syscontact [email protected]
They will then appear in Cacti management interface :
Some OIDs return a unit, eg ”-153.1 dBm”.
It's a safe idea to turn this off, by adding this to snmpd.conf:
dontPrintUnits true
Next step is to graph filesystems in Cacti; the easyest way is to add this line in snmpd.conf:
includeAllDisks
When you'll run the “ucd/net - Get Monitored Partitions” Data Query, all the mounted filesystems will show up:
If you want a filesystem not to be listed here, add this line to snmpd.conf:
ignoredisk /dev/rdsk/c0t2d0
Unfortunatly, some older versions of Net-SNMP do not fully work with the includeAllDisks keyword
You'll then have to list explicitly all filesystems you want to graph:
disk / disk /usr disk /var disk /oracle
You can also specify NFS mount points.
Please note that the Net-SNMP agent can only report filesystems which where mounted before its start.
If you manually mount filesystems later, you'll have to reload the Net-SNMP agent (send the HUP signal).
You can also graph processes, by adding this to snmpd.conf:
proc httpd
The result will be accessible under the ucdavis.prTable.prEntry tree:
- prCount, number of current processes running with the name in question
- prNames, the process name you're counting.
In our example, the number of Apache processes will be available under the .1.3.6.1.4.1.2021.2.1.5 OID Some useful mib modules are:
- mibII/mta_sendmail, to graph MTA (Sendmail, Postfix, etc.) statistics
- diskio, to enable to graph I/O statistics
- ucd-snmp/lmSensors, for hardware monitoring (Linux and Solaris only)
Mib modules can be added like this:
$ ./configure --with-mib-modules="module1 module2"
To compile Net-SNMP and build a compressed archive, follow these steps:
$ ./configure --with-your-options $ make # mkdir /usr/local/dist # make install prefix=/usr/local/dist/usr/local exec_prefix=/usr/local/dist/usr/local # cd /usr/local/dist # tar cvf /tmp/net-snmp-5.3.1-dist.tar usr # gzip /tmp/net-snmp-5.3.1-dist.tar # rm -rf /usr/local/dist
You can then copy the /tmp/net-snmp-5.3.1-dist.tar.gz file to other servers, and uncompress it from the root directory (everything will get extracted to /usr/local).
Test your configuration
Once Net-SNMP is configured and started, here's how to test it:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.1.1.0 SNMPv2-MIB::sysDescr.0 = STRING: Linux cronos 2.4.28 #2 SMP ven jan 14 14:12:01 CET 2005 i686
This basic query shows that your Net-SNMP agent is reachable.
You can even query which Net-SNMP version is running on a host:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.100.2.0 UCD-SNMP-MIB::versionTag.0 = STRING: 5.2.1.2
An answer like that one
$ snmpwalk -v 1 -c foo localhost .1.3.6.1.2.1.1.1.0 Timeout: No Response from localhost
indicates that either the agent is not started, or that the community string is incorrect, or that this device is unreachable. Check your community string, add firewall rules if necessary, etc.
If using SNMP version 3, specifying an unknown user will result in this error message :
$ snmpget -v 3 -l AuthNoPriv -u john -A mypassphrase 10.50.80.45 sysName.0 snmpget: Unknown user name
An incorrect passphrase will result in this error message :
$ snmpget -v 3 -l AuthNoPriv -u frederic -A badpassphrase 10.50.80.45 sysName.0 snmpget: Authentication failure (incorrect password, community or key)
This query will show you what filesystems are mounted:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.9.1.2 UCD-SNMP-MIB::dskPath.1 = STRING: / UCD-SNMP-MIB::dskPath.2 = STRING: /BB UCD-SNMP-MIB::dskPath.3 = STRING: /dev/shm
If the answer is empty, usually it means the includeAllDisks is not supported by your Net-SNMP agent (you'll have to list each filesystem you want to graph as explained in previous chapter).
Finally, this query will you display your network interfaces:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.2.2.1.2 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: eth0 IF-MIB::ifDescr.3 = STRING: eth1
Extending the SNMP Agent
A great functionnality of Net-SNMP is that you can “extend” it.
Let's run the /tmp/foo.sh script:
$ /tmp/foo.sh -arg1 123
Now put this in snmpd.conf:
exec foo /bin/sh /tmp/foo.sh -arg1
The result of your script will be accessible under the ucdavis.extTable.extEntry tree: * output of the script : ucdavis.extTable.extEntry.extOutput * exit status: ucdavis.extTable.extEntry.extResult * command: ucdavis.extTable.extEntry.extCommand
You can check the result with this SNMP query:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.8.1 UCD-SNMP-MIB::extIndex.1 = INTEGER: 1 UCD-SNMP-MIB::extNames.1 = STRING: foo UCD-SNMP-MIB::extCommand.1 = STRING: /bin/sh /tmp/foo.sh -arg1 UCD-SNMP-MIB::extResult.1 = INTEGER: 0 UCD-SNMP-MIB::extOutput.1 = STRING: 123 UCD-SNMP-MIB::extErrFix.1 = INTEGER: 0 UCD-SNMP-MIB::extErrFixCmd.1 = STRING:
extOutput translates to .1.3.6.1.4.1.2021.8.1.101 As “foo” is our first exec directive, add .1 at the end of the OID.
In Cacti, use the “SNMP - Generic OID Template” like this:
Voila! Result of the /tmp/foo.sh script is now graphed in Cacti.
Now let's run this second script, which returns more than one result:
$ /tmp/bar.sh 456 789
It returns two values, one per line (this is important).
Another way to call scripts from snmpd.conf is by specifying an OID, like this:
exec .1.3.6.1.4.1.2021.555 /bin/sh /tmp/bar.sh
Run this query:
$ snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.555 UCD-SNMP-MIB::ucdavis.555.1.1 = INTEGER: 1 UCD-SNMP-MIB::ucdavis.555.2.1 = STRING: "/bin/sh" UCD-SNMP-MIB::ucdavis.555.3.1 = STRING: "/tmp/bar.sh" UCD-SNMP-MIB::ucdavis.555.100.1 = INTEGER: 0 UCD-SNMP-MIB::ucdavis.555.101.1 = STRING: "456" UCD-SNMP-MIB::ucdavis.555.101.2 = STRING: "789" UCD-SNMP-MIB::ucdavis.555.102.1 = INTEGER: 0 UCD-SNMP-MIB::ucdavis.555.103.1 = ""
First line returned by the script will be available at .1.3.6.1.4.1.2021.555.101.1, second one at .1.3.6.1.4.1.2021.555.101.2, and so on.
You can then use the “SNMP - Generic OID Template” in Cacti (one Data Source per OID).
Let's say you want to count the number of entries in a log file. Add this to snmpd.conf:
logmatch cactistats /home/cactiuser/cacti/log/cacti.log 120 SYSTEM STATS
* the global count of matches will be available under the .1.3.6.1.4.1.2021.16.2.1.5.1 OID * the “Regex match counter” (which is reset with each file rotation) will be available under the .1.3.6.1.4.1.2021.16.2.1.7.1 OID
To list all the available variables, use this query:
$ snmpwalk -v 1 -c public localhost logMatch UCD-SNMP-MIB::logMatchMaxEntries.0 = INTEGER: 50 UCD-SNMP-MIB::logMatchIndex.1 = INTEGER: 1 UCD-SNMP-MIB::logMatchName.1 = STRING: cactistats UCD-SNMP-MIB::logMatchFilename.1 = STRING: /home/cactiuser/cacti/log/cacti.log UCD-SNMP-MIB::logMatchRegEx.1 = STRING: SYSTEM STATS UCD-SNMP-MIB::logMatchGlobalCounter.1 = Counter32: 301634 UCD-SNMP-MIB::logMatchGlobalCount.1 = INTEGER: 301634 UCD-SNMP-MIB::logMatchCurrentCounter.1 = Counter32: 6692 UCD-SNMP-MIB::logMatchCurrentCount.1 = INTEGER: 6692 UCD-SNMP-MIB::logMatchCounter.1 = Counter32: 1 UCD-SNMP-MIB::logMatchCount.1 = INTEGER: 0 UCD-SNMP-MIB::logMatchCycle.1 = INTEGER: 120 UCD-SNMP-MIB::logMatchErrorFlag.1 = INTEGER: 0 UCD-SNMP-MIB::logMatchRegExCompilation.1 = STRING: Success
We'll then use another interesting directive, the “proxy” one. Let's take for example the Squid proxy : when enabled, its SNMP agent listen to UDP 3401 port. If you want to have system graphs and Squid graphs without declaring 2 devices in Cacti, add this in snmpd.conf:
proxy -v 1 -c public localhost:3401 .1.3.6.1.4.1.3495.1
The Squid SNMP tree will be available under the .1.3.6.1.4.1.3495.1 branch.
Let's query this host:
$ snmpwalk -v 1 -c public 10.151.33.3 sysdescr SNMPv2-MIB::sysDescr.0 = STRING: Linux srv1.foo.com 2.6.8.1-12mdk #1 Fri Oct 1 12:53:41 CEST 2004 i686
And here's the Squid part (this specific OID returns the Squid version):
$ snmpwalk -v 1 -c public 10.151.33.3 .1.3.6.1.4.1.3495.1.2.3.0 SNMPv2-SMI::enterprises.3495.1.2.3.0 = STRING: "2.5.STABLE6"
Here, you'll find how to enable the Squid SNMP agent.