|
Install SNMP on DEBIAN Linux |
|
|
|
|
Installing SNMP Server in Debian
If you want to install snmp server in debian you need to install snmpd package using the following command
#apt-get install snmpd
This will complete the installation process.
Configuring SNMP Server in Debian
Default Configuration files are located at /etc/snmp directory this contains the following files.
snmpd.conf snmptrapd.conf
/etc/snmp/snmpd.conf - configuration file for the Net-SNMP SNMP agent.
/etc/snmp/snmptrapd.conf - configuration file for the Net-SNMP trap daemon.
Now we need to concentrate on snmpd.conf file for our configuration. If you want to see the default snmpd.conf file.
Before doing any changes to your /etc/snmp/snmpd.conf file take a copy of original file using the following command
#cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
Set up the snmp server to allow read access from the other machines in your network for this you need to open the file /etc/snmp/snmpd.conf change the following Configuration and save the file. first step
# sec.name source community
com2sec paranoid default public
#com2sec readonly default public
#com2sec readwrite default private
to
#com2sec paranoid default public
com2sec local localhost public
com2sec localNet 192.168.0.0 /24 public
#com2sec readwrite default private
you can define the source whichever way you want like only allow from local machine for that you need to add 127.0.0.1 under source and you can define your community in this case we are using public as our community.
Second Step
####
# Second, map the security names into group names:
# sec.model sec.name
group MyROSystem v1 paranoid
group MyROSystem v2c paranoid
group MyROSystem usm paranoid
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
group MyRWGroup v1 readwrite
group MyRWGroup v2c readwrite
group MyRWGroup usm readwrite
to
group MyROSystem v1 local
group MyROSystem v2c local
group MyROSystem usm local
group MyROGroup v1 localnet
group MyROGroup v2c localnet
group MyROGroup usm localnet
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
Third Step
####
# Third, create a view for us to let the groups have rights to:
# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
Don't chnage anything here leave this one as default setting
Final Step
####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:
# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
Don't chnage anything here leave this one as default setting.
Optional Configuration
# System contact information
syslocation Unknown (configure /etc/snmp/snmpd.local.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmpd.local.conf)
to
syslocation MainDatacenter
syscontact
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
Now the above configuration able to access local and 192.168.0.0 /24 network machines to use full functionality of MIB's this is very important if you want to collect the information from existing machines in above network.
Now you need to restart the snmp services using the following command
#/etc/init.d/snmpd restart
Now the SNMP server configuration is active and running.
Testing your Configuration
#snmpwalk localhost -c public -v1
SNMPv2-MIB::sysDescr.0 = STRING: Linux sritest 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
SNMPv2-MIB::sysUpTime.0 = Timeticks: (656698) 1:49:26.98
SNMPv2-MIB::sysContact.0 = STRING:
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
SNMPv2-MIB::sysName.0 = STRING: debiantest
SNMPv2-MIB::sysLocation.0 = STRING: Maindatacenter
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: IF-MIB::ifMIB
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.3 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.4 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.5 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.6 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.7 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.9 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
If you want more options and how to use snmpd.conf file you need to check snmpd.conf man page
If you want to monitor your server or desktop machine resources like disk capacity,load,process check here SNMP Client installation in debian
Now we have seen how to configure SNMP server in above section now we need to install client in other machines for this you need to install snmp or scli packages
#apt-get install snmp scli tkmib
This will complete the snmp client installation.
Configuration
The system wide configuration file is /etc/snmp/snmp.conf check the community name is same as server if not you need to change the community name and you need to restart the snmp service.Edit the /etc/snmp/snmp.conf file and change the following settings and save the file
com2sec paranoid default public
#com2sec readonly default public
#com2sec readwrite default private
to:
#com2sec paranoid default public
com2sec readonly 127.0.0.1 public
#com2sec readwrite default private
Now you need to restart the snmp service using the following command
#/etc/init.d/snmp restart
Testing your Configuration
#snmpwalk -v 2c -c public remotemachineipaddress system
SNMPv2-MIB::sysDescr.0 = STRING: Linux sritest 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
SNMPv2-MIB::sysUpTime.0 = Timeticks: (168871) 0:28:08.71
SNMPv2-MIB::sysContact.0 = STRING:
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
SNMPv2-MIB::sysName.0 = STRING: debiantest
SNMPv2-MIB::sysLocation.0 = STRING: maindatacenter
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: IF-MIB::ifMIB
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.3 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.4 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.5 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.6 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.7 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.9 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module to describe generic objects for network interface sub-layers
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.6 = STRING: View-based Access Control Model for SNMP. Alternately, you can use scli, #scli localhost and then type in show or monitor. This will confirm the SNMP service is active and working properly.
|
