snmp for linux, is it really this difficult?

momurda

Does anybody actually know how to set this up for a Linux box?
In Windows, I install the service. Then I open the SNMP service, type in a read only name and the allowed hosts, the ip/dns of observium/opennms. Then in observium/opennms I type in the name of the Linux box and the read only name. That is it. snmp data flows, charts are drawn, alerts can be sent.

In Linux, I install snmp, then goto /etc/snmp/ and see there is 3 files here, snmp.conf, snmpd.conf, snmptrap.conf.
Then I goto net-snmp.org and read about it.
http://www.net-snmp.org/wiki/index.php/Com2sec The !@#$ is this, com2sec?
Then they give this example conf file. Ok but using this snmp.conf doesn't actually let me add the Linux box to my observium/opennms.

# Map 'disks' community to the 'disksOnly' user
# Map 'everything' community to the 'allThings' user
#         sec.name   source    community
com2sec   disksOnly  default   disks
com2sec   allThings  default   everything
 
# Map 'disksOnly' to 'diskGroup' for SNMP Version 2c
# Map 'allThings' to 'allGroup' for SNMP Version 2c
#                sec.model sec.name
group diskGroup   v2c      disksOnly
group allGroup    v2c      allThings
 
# Define 'diskView', which includes everything under .1.3.6.1.2.1.25.2.3.1
# Define 'allView', which includes everything under .1 (which is everything)
#                  incl/excl   subtree
view    diskView   included    .1.3.6.1.2.1.25.2.3
view    allView    included    .1
 
# Give 'diskGroup' read access to objects in the view 'diskView'
# Give 'allGroup' read access to objects in the view 'allView'
#         group     context   model   level    prefix  read       write   notify
access    diskGroup   ""      any     noauth   exact   diskView   none    none
access    allGroup    ""      any     noauth   exact   allView    none    none

What is source? Is that where I put in the name or ip of my observium/opennms?
I know view acces group, wtf is com2sec. How do I get a Linux box to connect to an nms like opennms/observium?

1337

@momurda Don't know the answer but everything is more complicated in linux - by design. It's called "flexibility" and "choice". Windows is simpler - also by design.

Anyway the snmp trap is when the agent (server) initiates the communication to send information to the manager (client) - observium/opennms in your case. ~~So snmptrap.conf is the logical place to find that info.~~ Hmm, that might be wrong...

PS. Obvious I know, but check any firewall settings too.

1337

Please post what you find.

I'm too interested in this too, because I need to do the exact same thing on a couple of servers.

momurda

I will. Kind of embarrassing, i work for a company that specializes in linux devices and snmp. I broke down and went to one of the engineers here, asked him to send me snmp configs from one of our models. First time i think am asking them for help instead of other way round.

1337

@momurda Don't sweat it. Life is not long enough to learn everything about everything.

scottalanmiller

@pete-s said in snmp for linux, is it really this difficult?:

@momurda Don't know the answer but everything is more complicated in linux - by design. It's called "flexibility" and "choice". Windows is simpler - also by design.

Linux isn't more complicated in most things. It has more choices, but most distros give trivially simple defaults by design and basic use cases are often ridiculously simple. Not every single thing, but most. SMTP, for example, is way easier on Linux than Windows. As are most databases. As are most desktop apps. Even having more choice, it is often far simpler.

But in any isolated situation, you can find the opposite. Bind isn't as easy as Windows DNS, for example. And Samba AD is more complicated than Windows AD.

Although much of that ease of use requires using Windows in a legacy mode, if you treat Windows "as intended" in a headless mode, it is often much more complicated than Linux.

StrongBad

What Linux are you using? DO has a guide for Ubuntu that seems pretty straightforward.

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-an-snmp-daemon-and-client-on-ubuntu-14-04

momurda

Ive got this sorted now. The file i was editing was snmp.conf
This was wrong, as the file setting up the snmp listening daemon, what you are going to query from your nms, is snmpd.conf.

agentaddress udp:161
#agentaddress udp6:161
#       sec.name        source   community
com2sec readonly        default  secretsecret
#
#                         sec.model sec.name
group   rogroup           v2c       readonly
#
#
#       name   incl/excl   subtree
view    all    included    .1
#
#
#       group    context   model   level    prefix  read   write   notify
access  rogroup    ""      any     noauth   exact   all    none    none

#other info, location
syslocation Seattle WA
syscontact sysadmin <sysadmin@domain.com>

I looked at what engineer gave me and made some modifications to what i was doing.
This is a basic config that you can put in /etc/snmp/snmpd.conf and have it work with an NMS.
There is a ton more stuff like Version 3 and some other things you can do, but for my purpose this is just fine.
There are some configurations that are pages long, but this one just gives your nms the ability to query anything in the standard .1 subtree, at least i think that is what is happening.

1337

@momurda Great! Thanks for posting!