Introduction

SNMP is the Simple Network Management Protocol. You'll find it on the more expensive routers, switches, and gadgets. It can allow you to keep an eye on various machines with tools like Nagios and Cacti. Watch for spikes of network activity, see how much memory is used in a day's time, or do some customization and compare spams to hams.

A workstation can be watched, too. And that's what I hope to show here.

I'm assuming you have a Dapper or Feisty release of Ubuntu, or something similar. This isn't an involved project, it's just hard to find a basic installation technique in one place. It's hoped for this to be your starting point with SNMP, not an ending point.

Installing the software

  • You'll need the package called snmpd (the daemon) and snmp (the tools). Use your favorite means, but get these installed. It might come as a big surprise, but your machine will be SNMP reachable with the simplest of configurations in /etc/snmp/snmpd.conf:

rocommunity public
  • The 'public' community is intended to be a number of things that you might find useful, and seems to vary depending on the device you're watching and the manufacturer of that device.

Note:

  • (Fixed in 12.04) If you only want to poll from localhost, you are done. If, however, you want to use SNMP over a network... You need to edit /etc/default/snmpd and change the line that binds it only to 127.0.0.1 only.

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
  • Restart the service (/etc/init.d/snmpd restart) and unless there's an error, we're ready to start.

Downloading the Mibs

  • In 12.04 and later, the mibs are not included in the snmp or snmpd download. You must also install the snmp-mibs-downloader to have them.

$ sudo apt-get install snmp-mibs-downloader

At that point you must edit /etc/snmp/snmp.conf and comment out the one uncommented line.

#
# As the snmp packages come without MIB files due to license reasons, loading
# of MIBs is disabled by default. If you added the MIBs you can reenable
# loaging them by commenting out the following line.
mibs :

Lastly, you will need to edit the /etc/snmp/snmpd.conf file that restricts you to only the system mib.

rocommunity public  default    -V systemonly

becomes

rocommunity public 172.16.0.0/20

Or whatever is appropriate for your environment.

Testing

  • There are numerous ways to read SNMP values. Probably the most straightforward is with 'snmpwalk':

snmpwalk -c public -v1 localhost | less
  • It'll produce a WORLD of information, from processes currently running, to hard drives (even those unmounted if I remember correctly) and memory in use. If you see the large stream of information there, your machine is now "SNMP Reachable".

Security

  • Like most ideas that have "simple" in their acronym, SNMP has it's dark and murky side, too. Several attempts have been made by various governing bodies to make this a complex, encrypted, secure service. Perhaps it is, but I've never met anyone who's done it.

    You really don't want the whole world reading the processes that are running, and all the other information this provides. You have been warned. Use SNMP as an internal service; block it at your firewall, or make a tunnel in which to use it, if you must access something across the open internet.

Credits

  • Page creation: WheelDweller, from memory. I don't profess to be a guru, but I remember how I use it, alerts I've been given, and how to make it work. If you can improve this page please do. I'd love to know more about this package!


SNMPAgent (last edited 2013-07-01 20:15:41 by mail)