160 likes | 349 Views
SNMP . SNMP. Monitoring Read (udp 162) Write (udp 162) Traps (udp161). Brief description.
E N D
SNMP • Monitoring • Read (udp 162) • Write (udp 162) • Traps (udp161)
Brief description Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (eg. routers), computer equipment and even devices like UPSs. Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.
Net-SNMP Net-SNMP Tutorialshttp://www.net-snmp.org/tutorial/tutorial-5/ Download Net-SNMPhttp://www.net-snmp.org/download.html Net-SNMP Documentationhttp://www.net-snmp.org/docs/readmefiles.html
Install If you want to install snmp server in debian you need to install snmpd package using the following command. This will complete the installation process. #apt-get install snmpd
Backup default config Before doing any changes to your /etc/snmp/snmpd.conf file take a copy of original file using the following command. #cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
Config files Default Configuration files are located at /etc/snmp directory this contains the following files. /etc/snmp/snmpd.conf - configuration file for the Net-SNMP SNMP agent./etc/snmp/snmptrapd.conf - configuration file for the Net-SNMP trap daemon.
Setup Set up the snmp server to allow read access from the other machines in your network for this you need to open the file /etc/snmp/snmpd.conf change the following Configuration and save the file.
First step # sec.name source community com2sec paranoid default public#com2sec readonly default public#com2sec readwrite default privateto#com2sec paranoid default public com2sec local localhost public com2sec localnet 172.16.99.0/24 public#com2sec readwrite default private Syntax : com2sec <name> <hosts-that-can-poll> <community-name>
Second step • togroup MyROSystem v1 localgroup MyROSystem v2c localgroup MyROSystemusm localgroup MyROGroup v1 localnetgroup MyROGroup v2c localnetgroup MyROGroupusmlocalnetgroup MyRWGroup v1 localgroup MyRWGroup v2c localgroup MyRWGroupusm local • Syntax : group <name> <type> <com2sec-name> ##### Second, map the security names into group names:# sec.model sec.namegroup MyROSystem v1 paranoidgroup MyROSystem v2c paranoidgroup MyROSystem usm paranoidgroup MyROGroup v1 readonlygroup MyROGroup v2c readonlygroup MyROGroup usm readonlygroup MyRWGroup v1 readwritegroup MyRWGroup v2c readwritegroup MyRWGroup usm readwrite
Third step ##### Third, create a view for us to let the groups have rights to:# incl/excl subtree maskview all included .1 80view system included .iso.org.dod.internet.mgmt.mib-2.systemDon't change anything here leave this one as default setting
Fourth step ##### Finally, grant the 2 groups access to the 1 view with different# write permissions:# context sec.model sec.level match read write notifaccess MyROSystem "" any noauth exact system none noneaccess MyROGroup "" any noauth exact all none noneaccess MyRWGroup "" any noauth exact all all none Syntax : access <group-name> <sec-level> any noauth exact <read-permission> <write-permission> <notification>Don't change anything here leave this one as default setting.
Optional Optional Configuration# System contact informationsyslocation Unknown (configure /etc/snmp/snmpd.local.conf)syscontact Root <root@localhost> (configure /etc/snmp/snmpd.local.conf)
Restart daemon #/etc/init.d/snmpd restart The daemon, not the server … ;)
Install SNMP client tools #apt-get install snmp
Test your config #snmpwalk -v 2c -c <community> <remotemachineipaddress> SNMPv2-MIB::sysDescr.0 = STRING: Linux sritest 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10SNMPv2-MIB::sysUpTime.0 = Timeticks: (168871) 0:28:08.71 … …