Snmp on linux centos

Install SNMP on RHEL/CentOS/Fedora – How to perform it

We can use Simple Network Management Protocol (SNMP) to get information about the current status of servers, network equipment, printers, or other IP devices.

As part of our Server Management Services, we assist our customers with several RHEL queries.

Today, let us see how to install an SNMP (and SNMP v3) agent on a Linux host running CentOS, RHEL, or Fedora.

How to Install SNMP on RHEL

With SNMP, we get different metrics. For example, CPU utilization, the number of processes, state of services, etc.

Its major advantage includes, it is supported by almost any device. In addition, it does not require the installation of a separate monitoring system agent.

Install SNMP Agent and Diagnostic Tools on Linux

Before we proceed with SNMP packages, we install the latest updates on the server using dnf (yum):

Then we install the SNMP agent and additional tools from the base repository:

# dnf install net-snmp net-snmp-utils -y 

Enable and Configure SNMP Agent on Linux

Prior to SNMP configuration, we create a copy of the original config file:

# mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

Then we edit the SNMP agent settings:

Here, we add the following lines:

rocommunity public syslocation GE-DC2 syscontact gedc2-admins@bobcares.com

The above are three basic SNMP parameters.

Eventually, we save the file. Our Support Techs recommend entering a correct location and a valid email address.

Then we enable the snmpd service and start it:

# systemctl enable snmpd.service # systemctl start snmpd

To ensure the service is running, we use:

In case we use a firewall on the server, we allow connections to TCP/UDP ports 161 and 162.

To open SNMP ports in firewalld, we run:

# firewall-cmd –zone=public –add-port=161/udp –permanent # firewall-cmd –zone=public –add-port=161/tcp –permanent # firewall-cmd –zone=public –add-port=162/udp –permanent # firewall-cmd –zone=public –add-port=162/tcp –permanent # firewall-cmd –reload 

Poll SNMP Agent Using Snmpwalk

To poll the SNMP agent, we use the snmpwalk tool.

We then check the service locally using the SMMPv2 protocol:

# snmpwalk -v 2c -c public -O e 127.0.0.1

If the SNMP configuration is correct, we will receive a set of SNMP data from the agent.

Once we set the configuration file and run a test command, we may receive:

Timeout: No Response from localhost

We can fix this error by clearing the configuration file and adding only the lines specified above.

Since the service starts without any problems, but it is not working, we check everything specifically.

We also query our server locally using:

# snmpwalk -v2c -c public localhost system SNMPv2-MIB::sysDescr.0 = STRING: Linux server1.test.com 4.18.0-147.8.1.el8_1.x86_64 #1 SMP Thu Apr 9 13:49:54 UTC 2020 x86_64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (106564) 0:17:45.64 SNMPv2-MIB::sysContact.0 = STRING: gedc2-admins@bobcares.com SNMPv2-MIB::sysName.0 = STRING: server1.test.com SNMPv2-MIB::sysLocation.0 = STRING: GE-DC2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SNMPv2-MIB::sysORUpTime.6 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.7 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.8 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.9 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.10 = Timeticks: (0) 0:00:00.00

We ensure that our SNMP agent is available remotely.

In addition, on another server (install snmp tools prior to doing it) we run:

# snmpwalk -v2c -c public 192.168.20.105 system

Since the remote server receives the information from the server over SNMP, we can add the server to any SNMP monitoring system.

Configure SNMPv3 on Linux CentOS/RHEL/Fedora

SNMPv3 is a newer and more secure version of the protocol with support for authentication and encryption.

In order to configure SNMPv3, we create a user with a password, set an encryption password, access rights, and an encryption algorithm (MD5 or SHA).

To create a user for SNMPv3, we stop the snmpd daemon:

Then we can create a user:

# net-snmp-create-v3-user -ro -A o2ps2w0dD -a SHA -X r30svV33 -x AES snmpuser

The syntax of net-snmp-create-v3-user is:

net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass][-x DES|AES] [username]

• -ro – user has read-only privileges
• Authpass -authentication password
• Privpass – private key

Once done, it will create a user with the specified password and key.

Then we start the service:

Eventually, we try to poll the SNMP agent using snmpwalk.

Make note that to poll over SNMPv3, we must specify the username, the password, and the key.

# snmpwalk -v3 -a SHA -A o2ps2w0dD -x AES -X r30svV33 -l authPriv -u snmpuser 192.168.20.105 | head

[Need help with the installation? We’d be happy to assist you]

Conclusion

In short, we saw how our Support Techs install and configure SNMP on RHEL.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

Источник

Install and Configure SNMP on RHEL/CentOS/Fedor

Simple Network Management Protocol ( SNMP ) is used to get information about the current status of servers, network equipment, printers or other IP devices. You can get different metrics through SNMP: CPU utilization, number of processes, state of services, etc. The major SNMP advantages are that it is supported by almost any devices and doesn’t require a separate monitoring system agent to be installed. In this article we will show how to install and configure an SNMP (and SNMP v3) agent on a Linux host running CentOS, RHEL, or Fedora.

Installing SNMP Agent and Diagnostic Tools on Linux

Before you install SNMP packages, install the latest updates on your server using dnf (yum):

Then install the SNMP agent and additional tools from the base repository:

# dnf install net-snmp net-snmp-utils -y

How to Enable and Configure SNMP Agent on Linux?

Prior to SNMP configuration, create a copy of the original config file:

# mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

Then edit the SNMP agent settings:

These are three basic SNMP parameters. There are many other options for configuring the Net-SNMP agent, but we cannot cover everything in one article.

Save the file (it is recommended to enter a correct location and a valid email address). Then enable the snmpd service and start it:

# systemctl enable snmpd.service
# systemctl start snmpd

Make sure that the service is running:

If you are using a firewall on your server, allow connections to TCP/UDP ports 161 and 162. Use the following commands to open SNMP ports in firewalld:

# firewall-cmd —zone=public —add-port=161/udp —permanent
# firewall-cmd —zone=public —add-port=161/tcp –permanent
# firewall-cmd —zone=public —add-port=162/udp —permanent
# firewall-cmd —zone=public —add-port=162/tcp —permanent
# firewall-cmd —reload

Poll SNMP Agent Using Snmpwalk

You can poll the SNMP agent using the snmpwalk tool. To check the service locally using the SMMPv2 protocol, use the command:

# snmpwalk -v 2c -c public -O e 127.0.0.1

If SNMP is configured correctly, you will receive a set of SNMP data from the agent.

Timeout: No Response from localhost

I fixed it by clearing the configuration file and adding only the lines I specified above. If you need some specific settings, check everything thoroughly, since the service starts without any problems, but it is not working.

You can also query your server locally using this command:

# snmpwalk -v2c -c public localhost system

SNMPv2-MIB::sysDescr.0 = STRING: Linux server1.test.com 4.18.0-147.8.1.el8_1.x86_64 #1 SMP Thu Apr 9 13:49:54 UTC 2020 x86_64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (106564) 0:17:45.64 SNMPv2-MIB::sysContact.0 = STRING: [email protected] SNMPv2-MIB::sysName.0 = STRING: server1.test.com SNMPv2-MIB::sysLocation.0 = STRING: GE-DC2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SNMPv2-MIB::sysORUpTime.6 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.7 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.8 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.9 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORUpTime.10 = Timeticks: (0) 0:00:00.00

Then make sure that your SNMP agent is available remotely. Run this command on another server (install snmp tools prior to doing it):

# snmpwalk -v2c -c public 192.168.21.205 system

As you can see, the remote server received the information from the server over SNMP. Now you can add the server to any SNMP monitoring system (like Zabbix or Cacti).

Configure SNMPv3 on Linux CentOS/RHEL/Fedora

In the beginning of the article we have shown how to configure an SNMP agent that uses SNMP v1 and v2. SNMPv3 is a newer and more secure version of the protocol with support for authentication and encryption. To configure SNMPv3, create a user with a password, set an encryption password, access rights and an encryption algorithm (MD5 or SHA).

To create a user for SNMPv3, stop the snmpd daemon:

Then you can create a user:

# net-snmp-create-v3-user -ro -A o2ps2w0dD -a SHA -X r30svV33 -x AES snmpuser

net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass][-x DES|AES] [username]

• -ro – it means that a user has read-only privileges
• Authpass – authentication password
• Privpass – private key

After running the command, a user with the specified password and key will be created:

Try to poll the SNMP agent using snmpwalk. Note that to poll over SNMPv3, you must specify the user name, the password and the key.

# snmpwalk -v3 -a SHA -A o2ps2w0dD -x AES -X r30svV33 -l authPriv -u snmpuser 192.168.21.205 | head

Источник