Monday, May 10, 2010

How to implement SNMP on RedHat's Server

Objective:


The goal is a centralized monitoring server on my network that uses the Nagios engine to monitor hosts and raise an alarm when there is a problem. There are several ways to retrieve information from a remote server, such as NRPE (a Nagios add-on that lets you remotely execute Nagios plugins on other Linux/Unix machines, but needs a program installed on the remote host) or SNMP (Simple Network Management Protocol, which uses the UDP network protocol).



Package Requirements :


The following packages are required for snmpd on Red Hat Enterprise Linux 4 U7:

      • net-snmp

      • net-snmp-libs


To determine whether the required packages are installed, enter a command similar to the following.

# rpm -q net-snmp net-snmp-libs

If a package is not installed on the server, you will see a result like this.

package net-snmp-5.1.2 is not installed ( or )

package net-snmp-libs-5.1.2 is not installed


To install the required packages, enter a command similar to the following.

# rpm -ivh net-snmp-5.1.2-18.el4.x86_64.rpm net-snmp-libs-5.1.2-18.el4.x86_64.rpm


If net-snmp-5.1.2 is not installed but a net-snmp-libs-5.1.2 package older than net-snmp-5.1.2-18.el4 is already on the server, installing net-snmp-5.1.2-18.el4.x86_64.rpm fails with an error like this:

warning: /tmp/net-snmp-5.1.2-18.el4.x86_64.rpm: V3 DSA signature: NOKEY, key ID db42a60e


error: Failed dependencies:


net-snmp-libs = 5.1.2-18.el4 is needed by net-snmp-5.1.2-18.el4.x86_64



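The NOKEY warning means rpm could not verify the package's signature because the signing key has not been imported into rpm; the install fails because of the dependency error. Update net-snmp-libs before you install net-snmp, with this command.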

# rpm -Uvh net-snmp-libs-5.1.2-18.el4.x86_64.rpm


The latest packages for net-snmp and net-snmp-libs are currently version 5.1.2-18; you can download them from the Red Hat website at http://rhn.redhat.com







Configure snmpd.conf :


First section, replace the community 'public' with a word of your own, specify the source IP address or hostname that is allowed to use it, and define the security name that we will use in the second section.


Example :

# sec.name source community

com2sec local aa.bb.cc.dd/32 xxxxxx



Second section, map the security name into a group name

Example :

# groupName securityModel securityName


group MyROGroup v1 local


group MyROGroup v2c local




Third section, create a view that the group will be given rights to


Example :

# name incl/excl subtree mask(optional)

view all included .1


Finally, grant the group read-only access to the view created above (all)


Example :

# group context sec.model sec.level prefix read write notif

access MyROGroup "" any noauth exact all none none




**** An easy way to configure snmpd.conf is to copy '/etc/snmp/snmpd.conf' from an existing server and transfer it to the remote server that you want to configure. ****
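The four sections above form a chain: community to security name, security name to group, group to view. The following Python script is an added example, not part of the original post; it follows that chain through an snmpd.conf and lists settings worth a second look before the file is copied to more servers. The function names, the sample community string and the 192.0.2.10 source address are constructed for illustration.

```python
import shlex

# Constructed sample: the walkthrough's directives, made-up community and source.
SAMPLE_CONF = '''
# sec.name source community
com2sec local 192.0.2.10/32 s3cr3t-ro
group MyROGroup v1 local
group MyROGroup v2c local
view all included .1
access MyROGroup "" any noauth exact all none none
'''

ARITY = {"com2sec": 3, "group": 3, "view": 3, "access": 8}

def parse(text):
    """Collect the four access-control directives, skipping comments."""
    conf = {name: [] for name in ARITY}
    for line in text.splitlines():
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quote in some unrelated directive
            tokens = line.split()
        if tokens and tokens[0] in ARITY and len(tokens) > ARITY[tokens[0]]:
            conf[tokens[0]].append(tokens[1:])
    return conf

def audit(text):
    """Follow community -> sec.name -> group -> view and list weak settings."""
    conf = parse(text)
    views = {}
    for name, incl, subtree, *_mask in conf["view"]:
        views.setdefault(name, []).append((incl, subtree))
    findings = []
    for *_opts, sec, source, community in conf["com2sec"]:
        if community in ("public", "private"):
            findings.append(f"{sec}: well-known community '{community}'")
        if source == "default" or source.endswith("/0"):
            findings.append(f"{sec}: any source address may use this community")
        groups = {g for g, _model, s, *_ in conf["group"] if s == sec}
        for grp, _ctx, _model, _level, _match, read, write, *_ in conf["access"]:
            if grp not in groups:
                continue
            if write != "none":
                findings.append(f"{sec}: write access through view '{write}'")
            for incl, subtree in views.get(read, []):
                if incl == "included" and subtree.lstrip(".") in ("1", "iso"):
                    findings.append(f"{sec}: read view '{read}' covers the whole tree")
    return findings
```

Pass the contents of /etc/snmp/snmpd.conf to audit(); an empty list means none of these checks fired.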


Start SNMP service :

After you configure snmpd.conf, start the snmpd process with this command.


# /etc/init.d/snmpd start


Check process SNMP :

# ps -ef |grep snmpd


If there is no error, you should see a result like this

root 30240 1 2 15:40 ? 00:00:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a


Make the snmpd service start every time the server boots :

You can check whether the snmpd service will start automatically when the server boots with this command.


# chkconfig --list snmpd

snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off


That result means the snmpd service will not start when the server reboots. If you want snmpd to start automatically, use this command.


# chkconfig snmpd on

# chkconfig --list snmpd


snmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off



Test get information from snmpwalk:

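From the monitoring server, you can test the SNMP service on the server you configured with this command (xxxxxx is the community string and x.x.x.x is the remote host):

# /usr/bin/snmpwalk -c xxxxxx -v 2c x.x.x.x .1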


If there is no error, you will see a lot of data like this.

RFC1213-MIB::sysDescr.0 = STRING: "Linux xxxx 2.6.9-78.ELsmp #1 SMP Wed Jul 9 15:46:26 EDT 2008 x86_64"

RFC1213-MIB::sysObjectID.0 = OID: NET-SNMP-TC::linux

RFC1213-MIB::sysUpTime.0 = Timeticks: (564217) 1:34:02.17

RFC1213-MIB::sysContact.0 = STRING: "Root (configure /etc/snmp/snmp.local.conf)"

...


Troubleshoot when you cannot get the result:

If you see an error like this

ERROR: Description table : No response from remote host "x.x.x.x".


First of all, check iptables on the remote host to see whether there is a rule that allows incoming packets from the monitoring server on the snmp port ( 161 ), with this command

# iptables -L -v

If you cannot see such a rule in your iptables, add this one to your rules.

# iptables -I RH-Firewall-1-INPUT -s xxxx -p udp --dport snmp -j ACCEPT


The command above takes effect only until the server reboots. If you want to make the rule permanent, run this command

iptables-save > /etc/sysconfig/iptables ( or )

edit directly at /etc/sysconfig/iptables



If you still have the problem after checking the iptables policy,

check the current mode of SELinux on that server. You can check the current mode of SELinux with this command.


# sestatus


If the current mode of SELinux is 'Enforcing', you must change it to permissive mode by running this command (it applies to the whole system, not only snmpd, and lasts until the next reboot)

# setenforce 0


then restart snmpd again.
