Thursday, April 9, 2009

Setting Up a SNMP Server in Ubuntu

What is net-snmp ?

Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (eg. routers), computer equipment and even devices like UPSs. Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.

Net-SNMP Tutorials
http://www.net-snmp.org/tutorial/tutorial-5/

Net-SNMP Documentation
http://www.net-snmp.org/docs/readmefiles.html

# Installing SNMP Server in Ubuntu #####

$ sudo apt-get install snmpd



# Configuring SNMP Server #####

/etc/snmp/snmpd.conf - configuration file for the Net-SNMP SNMP agent.

/etc/snmp/snmptrapd.conf - configuration file for the Net-SNMP trap daemon.


Set up the snmp server to allow read access from the other machines in your network for this you need to open the file /etc/snmp/snmpd.conf change the following Configuration and save the file.

$ sudo gedit /etc/snmp/snmpd.conf



snmpd.conf
#---------------------------------------------------------------
######################################
# Map the security name/networks into a community name.
# We will use the security names to create access groups
######################################

# sec.name source community

com2sec my_sn1 localhost my_comnt
com2sec my_sn2 192.168.10.0/24 my_comnt


####################################
# Associate the security name (network/community) to the
# access groups, while indicating the snmp protocol version
####################################

# sec.model sec.name
group MyROGroup v1 my_sn1
group MyROGroup v2c my_sn1
group MyROGroup v1 my_sn2
group MyROGroup v2c my_sn2


group MyRWGroup v1
my_sn1
group MyRWGroup v2c my_sn1
group MyRWGroup v1 my_sn2
group MyRWGroup v2c my_sn2

#######################################
# Create the views on to which the access group will have access,
# we can define these views either by inclusion or exclusion.
# inclusion - you access only that branch of the mib tree
# exclusion - you access all the branches except that one
#######################################

# incl/excl subtree mask (opcional)
view my_vw1 included .1 80
view my_vw2 included .iso.org.dod.internet.mgmt.mib-2.system

#######################################
# Finaly associate the access groups to the views and give them
# read/write access to the views.
#######################################

# context sec.model sec.level match read write notif
access MyROGroup "" any noauth exact my_vw1 none none
access MyRWGroup "" any noauth exact my_vw2 my_vw2 none
# -----------------------------------------------------------------------------


# Give access to other interfaces besides the loopback #####

$ sudo gedit /etc/default/snmpd

find the line:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

and change it to:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'


# Restart snmpd to load de new config #####

$ sudo /etc/init.d/snmpd restart


# Test the SNMP Server #####


$ sudo apt-get install snmp

$
sudo snmpwalk -v 2c -c my_comnt localhost system

No comments: