6 August 2014

Install SNMP and open its port on iptables firewall

In order to get your system monitored by a centralized monitoring system, most probably you need to enable snmp in your Linux,

Here is the way snmpd daemon can be installed and enabled:


1. Installation via yum or rpm:

# yum install net-snmp

or:
# rpm -ivh net-snmp-libs-5.5-44.0.1.el6.x86_64.rpm net-snmp-5.5-44.0.1.el6.x86_64.rpm lnet-snmp-utils-5.5-44.0.1.el6.x86_64.rpm


2. SNMP configuration can be edited in snmpd.conf.


# cat /etc/snmp/snmpd.conf |grep -i public
# By default, the agent responds to the "public" community for read
# First, map the community name "public" into a "security name"
com2sec notConfigUser  default       public


3. Start the snmpd service:

# /etc/init.d/snmpd start
Starting snmpd:                                                         [OK]

# /etc/init.d/snmpd status
snmpd (pid  19508) is running...

# ps -ef|grep snmp
root     19508     1  0 Jul08 ?        00:00:18 /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid

# netstat -an|grep 161
udp        0      0 0.0.0.0:161                 0.0.0.0:*


4. Enable snmpd to start at boot:

# chkconfig snmpd on

# chkconfig --list snmpd
snmpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


5. Open the SNMP ports on the firewall: 

# iptables -I INPUT -p udp -m udp --dport 161 -j ACCEPT 

# iptables-save > /etc/sysconfig/iptables


6. Now you should be able to walk through your snmp MIBs via snmpwalk from a local or remote server:

# snmpwalk -mALL -v1 -c public <IP> system

RFC1213-MIB::sysDescr.0 = STRING: "Linux hostname 2.6.32-431.el6.x86_64 #1 SMP Sun Nov 10 22:19:54 EST 2013 x86_64"
RFC1213-MIB::sysObjectID.0 = OID: NET-SNMP-TC::linux
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (7152525) 19:52:05.25
RFC1213-MIB::sysContact.0 = STRING: "Root <root@localhost> (configure /etc/snmp/snmp.local.conf)"
RFC1213-MIB::sysName.0 = STRING: "hostname"
RFC1213-MIB::sysLocation.0 = STRING: "Unknown (edit /etc/snmp/snmpd.conf)"
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDMIBObjects.3.1.1
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.5 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.6 = OID: RFC1213-MIB::ip
SNMPv2-MIB::sysORID.7 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.8 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.3 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.6 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.7 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.8 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (1) 0:00:00.01





No comments:

Post a Comment