snmp for linux, is it really this difficult?
-
Does anybody actually know how to set this up for a Linux box?
In Windows, I install the service. Then I open the SNMP service, type in a read only name and the allowed hosts, the ip/dns of observium/opennms. Then in observium/opennms I type in the name of the Linux box and the read only name. That is it. snmp data flows, charts are drawn, alerts can be sent.In Linux, I install snmp, then goto /etc/snmp/ and see there is 3 files here, snmp.conf, snmpd.conf, snmptrap.conf.
Then I goto net-snmp.org and read about it.
http://www.net-snmp.org/wiki/index.php/Com2sec The !@#$ is this, com2sec?
Then they give this example conf file. Ok but using this snmp.conf doesn't actually let me add the Linux box to my observium/opennms.# Map 'disks' community to the 'disksOnly' user # Map 'everything' community to the 'allThings' user # sec.name source community com2sec disksOnly default disks com2sec allThings default everything # Map 'disksOnly' to 'diskGroup' for SNMP Version 2c # Map 'allThings' to 'allGroup' for SNMP Version 2c # sec.model sec.name group diskGroup v2c disksOnly group allGroup v2c allThings # Define 'diskView', which includes everything under .1.3.6.1.2.1.25.2.3.1 # Define 'allView', which includes everything under .1 (which is everything) # incl/excl subtree view diskView included .1.3.6.1.2.1.25.2.3 view allView included .1 # Give 'diskGroup' read access to objects in the view 'diskView' # Give 'allGroup' read access to objects in the view 'allView' # group context model level prefix read write notify access diskGroup "" any noauth exact diskView none none access allGroup "" any noauth exact allView none none
What is
source
? Is that where I put in the name or ip of my observium/opennms?
I know view acces group, wtf is com2sec. How do I get a Linux box to connect to an nms like opennms/observium? -
@momurda Don't know the answer but everything is more complicated in linux - by design. It's called "flexibility" and "choice". Windows is simpler - also by design.
Anyway the snmp trap is when the agent (server) initiates the communication to send information to the manager (client) - observium/opennms in your case.
So snmptrap.conf is the logical place to find that info.Hmm, that might be wrong...PS. Obvious I know, but check any firewall settings too.
-
Please post what you find.
I'm too interested in this too, because I need to do the exact same thing on a couple of servers.
-
I will. Kind of embarrassing, i work for a company that specializes in linux devices and snmp. I broke down and went to one of the engineers here, asked him to send me snmp configs from one of our models. First time i think am asking them for help instead of other way round.
-
@momurda Don't sweat it. Life is not long enough to learn everything about everything.
-
@pete-s said in snmp for linux, is it really this difficult?:
@momurda Don't know the answer but everything is more complicated in linux - by design. It's called "flexibility" and "choice". Windows is simpler - also by design.
Linux isn't more complicated in most things. It has more choices, but most distros give trivially simple defaults by design and basic use cases are often ridiculously simple. Not every single thing, but most. SMTP, for example, is way easier on Linux than Windows. As are most databases. As are most desktop apps. Even having more choice, it is often far simpler.
But in any isolated situation, you can find the opposite. Bind isn't as easy as Windows DNS, for example. And Samba AD is more complicated than Windows AD.
Although much of that ease of use requires using Windows in a legacy mode, if you treat Windows "as intended" in a headless mode, it is often much more complicated than Linux.
-
What Linux are you using? DO has a guide for Ubuntu that seems pretty straightforward.
-
Ive got this sorted now. The file i was editing was snmp.conf
This was wrong, as the file setting up the snmp listening daemon, what you are going to query from your nms, is snmpd.conf.agentaddress udp:161 #agentaddress udp6:161 # sec.name source community com2sec readonly default secretsecret # # sec.model sec.name group rogroup v2c readonly # # # name incl/excl subtree view all included .1 # # # group context model level prefix read write notify access rogroup "" any noauth exact all none none #other info, location syslocation Seattle WA syscontact sysadmin <[email protected]>
I looked at what engineer gave me and made some modifications to what i was doing.
This is a basic config that you can put in /etc/snmp/snmpd.conf and have it work with an NMS.
There is a ton more stuff like Version 3 and some other things you can do, but for my purpose this is just fine.
There are some configurations that are pages long, but this one just gives your nms the ability to query anything in the standard .1 subtree, at least i think that is what is happening. -
@momurda Great! Thanks for posting!