Voir :
Voir les traps SNMP :
Exemple de conf :
yum install net-snmp
apt-get install snmpd snmptrapd snmp-mibs-downloader
ln -s /usr/share/mibs/ /usr/share/snmp/mibs
/etc/default/snmptrapd
#export MIBS= export MIBS=ALL export MIBDIRS=/usr/share/mibs #TRAPDRUN=no TRAPDRUN=yes #TRAPDOPTS='-Lsd -p /run/snmptrapd.pid' TRAPDOPTS='-On -Lsd -p /run/snmptrapd.pid'
/etc/snmp/snmp.conf
#mibs :
service snmpd restart service snmptrapd restart
/etc/snmp/snmpd.conf
#rocommunity public localhost rocommunity public 0.0.0.0/0 #agentAddress udp:127.0.0.1:161 #agentAddress udp:161,udp6:[::1]:161 agentAddress udp:161 #includeAllDisks 1 skipNFSInHostResources 1
/etc/snmp/snmpd.conf
agentAddress udp:161,udp6:[::1]:161 view systemonly included .1.3.6.1.2.1.1 view systemonly included .1.3.6.1.2.1.25.1 rocommunity public rouser authOnlyUser sysLocation Sitting on the Dock of the Bay sysContact Me <me@example.org> sysServices 72 proc mountd proc ntalkd 4 proc sendmail 10 1 disk / 10000 disk /var 5% includeAllDisks 10% load 12 10 5 trapsink localhost public iquerySecName internalUser rouser internalUser defaultMonitors yes linkUpDownNotifications yes extend test1 /bin/echo Hello, world! extend-sh test2 echo Hello, world! ; echo Hi there ; exit 35 master agentx smuxpeer .1.3.6.1.4.1.674.10892.1
/etc/snmp/snmpd.conf
#com2sec notConfigUser default public com2sec mynetwork 192.168.0.0/24 public group notConfigGroup v1 notConfigUser group notConfigGroup v2c notConfigUser view centreon included .1.3.6.1 view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 access notConfigGroup "" any noauth exact centreon none none access notConfigGroup "" any noauth exact systemview none none syslocation Unknown (edit /etc/snmp/snmpd.conf) syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf) dontLogTCPWrappersConnects yes
cat >> /etc/snmp/snmpd.conf <<EOF view systemview included .1.3.6.1 EOF
Pour éviter bug timeout, car SNMP essaye de remonter les infos sur toutes les partitions qu'il trouve
systemctl disable mnt-espace_build.automount partage_install.automount partage_librairies.automount mnt-espace_build.mount partage_install.mount partage_librairies.mount systemctl stop mnt-espace_build.automount partage_install.automount partage_librairies.automount mnt-espace_build.mount partage_install.mount partage_librairies.mount
Install du paquet snmp-mibs-downloader et de sa dépendance smistrip
dpkg -i smistrip_0.4.8+dfsg2-10_all.deb snmp-mibs-downloader_1.1_all.deb
/etc/default/snmpd
export MIBS=ALL SNMPDRUN=yes SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid' export MIBDIRS=/usr/share/mibs
/etc/snmp/snmpd.conf
agentAddress udp:161,udp6:[::1]:161 rocommunity public
/etc/snmp/snmpd.conf
# rwuser: a SNMPv3 read-write user # arguments: user [noauth|auth|priv] [restriction_oid] rwuser nagios auth rwuser nagios
Accès en lecture et écriture à la totalité de l'arborescence : /etc/snmp/snmpd.conf
rwuser admin authpriv .1
Voir :
systemctl status snmpd ● snmpd.service - Simple Network Management Protocol (SNMP) Daemon. Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled) Active: active (running) since mer. 2017-06-07 11:37:03 CEST; 9s ago Main PID: 61127 (snmpd) CGroup: /system.slice/snmpd.service └─61127 /usr/sbin/snmpd -LS0-6d -f juin 07 11:37:03 8cc-offline-1 systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon.... juin 07 11:37:03 8cc-offline-1 snmpd[61127]: Turning on AgentX master support. juin 07 11:37:03 8cc-offline-1 snmpd[61127]: NET-SNMP version 5.7.2 juin 07 11:37:03 8cc-offline-1 systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon.. juin 07 11:37:06 8cc-offline-1 snmpd[61127]: refused smux peer: oid SNMPv2-SMI::enterprises.674.10892.1, descr Systems Management SNMP MIB Plug-in Manager juin 07 11:37:09 8cc-offline-1 snmpd[61127]: refused smux peer: oid SNMPv2-SMI::enterprises.674.10892.1, descr Systems Management SNMP MIB Plug-in Manager juin 07 11:37:12 8cc-offline-1 snmpd[61127]: refused smux peer: oid SNMPv2-SMI::enterprises.674.10892.1, descr Systems Management SNMP MIB Plug-in Manager
Solution 1
#echo "smuxpeer .1.3.6.1.4.1.674.10892.1 P@ssw0rd" >> /etc/snmp/snmpd.conf echo "smuxpeer .1.3.6.1.4.1.674.10892.1" >> /etc/snmp/snmpd.conf systemctl restart snmpd
Solution 2
/etc/sysconfig/snmpd
# snmpd command line options # '-f' is implicitly added by snmpd systemd unit file # OPTIONS="-LS0-6d" OPTIONS="-I -smux"
systemctl restart snmpd
/var/log/syslog
Jul 18 01:08:07 plop snmpd[3232]: Connection from UDP: [192.168.15.27]:52799->[192.168.15.32] Jul 18 01:08:34 plop snmpd[3232]: Connection from UDP: [192.168.15.22]:53386->[192.168.15.32]
Remplacer -Lsd par -LSwd
/etc/default/snmpd
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid' SNMPDOPTS='-LSwd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
Ou
/etc/sysconfig/snmpd
#OPTIONS="-LS0-6d -Lf /dev/null -p /var/run/snmpd.pid" OPTIONS="-LSwd -Lf /dev/null -p /var/run/snmpd.pid"
ou
/etc/snmp/snmpd.conf
dontLogTCPWrappersConnects yes
puis restart du service
usmUser a été créer après le redémarrage de SNMPd suite à la commande createUser (SNMPv3)
Voir la commande snmpusm
$ snmptranslate -M+. -m +ALL -On HOST-RESOURCES-MIB::hrProcessorTable
.1.3.6.1.2.1.25.3.3
$ snmptranslate -Td .1.3.6.1.4.1.2021.11.52
UCD-SNMP-MIB::ssCpuRawSystem
...
This object may sometimes be implemented as the
combination of the 'ssCpuRawWait(54)' and
'ssCpuRawKernel(55)' counters, so care must be
taken when summing the overall raw counters."
Ajoutez la ligne suivante dans /etc/snmp/snmpd.conf :
/etc/snmp/snmpd.conf
dlmod cmaX /usr/lib64/libcmaX64.so
Redémarrez les services suivants :
systemctl restart hp-snmp-agents systemctl restart snmpd
Voir :
Use the -On option, according to man snmpcmd
#snmpwalk -v2c -c public localhost snmpwalk -v2c -On -c public localhost
Voir aussi :
Exemples :
snmpwalk -v2c -c public localhost system #snmpwalk -v <laversion> -c <lacommunaute> <adresseip> <oid> snmpwalk -v 2c -c public 192.168.1.13 1.3.6.1.2.1.2.2.1.10 snmpwalk -v 3 -u usersnmp -a SHA -A 'MonMot2Passe!!' -x AES -X '!!MaPhrase2PasseAE' -l authPriv localhost
ATTENTION : ne faites JAMAIS une requête snmpwalk sur la racine de l’arbre SNMP ou sur un noeud de haut niveau. Si vous faites cela, vous allez saturer l’agent SNMP interrogé, le réseau et votre poste. Dans le passé, vous pouviez saturer certains agents SNMP et il était nécessaire de les redémarrer voire de redémarrer l’équipement. Ce pourrait être très gênant si vous deviez demander à l’équipe réseau de redémarrer un routeur.
# snmpwalk -v2c -c public 192.168.1.13
#snmpget -v <laversion> -c <lacommunaute> <adresseip> <oid> snmpget -v 2c -c public 192.168.1.13 1.3.6.1.2.1.2.2.1.10.1 OID_STORAGE_DESC=.1.3.6.1.2.1.25.2.3.1.3 OID_STORAGE_SIZE=.1.3.6.1.2.1.25.2.3.1.5 OID_STORAGE_USED=.1.3.6.1.2.1.25.2.3.1.6 snmpget -r 2 -v 3 -a MD5 -A "$PASSWD" -l authNoPriv -u nagios -Oqv localhost $OID_STORAGE_DESC.${indice} snmpget -r 2 -v 3 -a MD5 -A "$PASSWD" -l authNoPriv -u nagios -Oqv localhost $OID_STORAGE_SIZE.${indice} snmpget -r 2 -v 3 -a MD5 -A "$PASSWD" -l authNoPriv -u nagios -Oqv localhost $OID_STORAGE_USED.${indice}
Exemple de supervision de ports sur un switch
/usr/local/nagios/etc/objects/commands.cfg
define command{ command_name check_port_com command_line $USER1$/check_snmp -H $HOSTADDRESS$ -P3 -L authNoPriv -a MD5 -U $USER3$ -A "$USER4$" -c 1,1 -o IF-MIB::ifOperStatus.$ARG1$ }
switch.cfg
define service{ use generic-service ; Inherit values from a template host_name linksys-srw224p service_description Port 1 Link Status check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB }
/usr/local/nagios/etc/objects/switch.cfg
define service{ use EtatPortCom hostgroup_name RouteurSwitchs service_description EtatPortCom1 check_command check_port_com!1 #event_handler trigger_etatport!1 }
snmpwalk .1.3.6.1.6.3.15.1.2.2.1.3
Voir : https://github.com/simonjj/SnmpMibs
Logs Zabbix
MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp Cannot find module (DISMAN-EVENT-MIB): At line 1 in (none)
apt-get install snmp-mibs-downloader
La MIB sera installée ici : /var/lib/snmp/mibs/ietf/DISMAN-EVENT-MIB
Commenter mibs :
/etc/snmp/snmp.conf
#mibs :
snmptranslate -Tp
Pour DISMAN-EVENT-MIB le pb est résolu
Mais il reste CPQRACK-MIB et CPQIDA-MIB
Cannot find module (CPQRACK-MIB): At line 1 in (none) Cannot find module (CPQIDA-MIB): At line 1 in (none)
git clone https://github.com/simonjj/SnmpMibs cd SnmpMibs cp CPQ* /usr/share/snmp/mibs/ chmod a+r /usr/share/snmp/mibs/CPQ*
snmpget -t 1 -r 5 -M /usr/local/share/snmp/mibs -v 1 -c public 159.217.18.10:161 cpqRackCommonEnclosureTemp tcpdump -i any -s 0 host hp-array-1.0 and port 161 -n
Il existe l'ancienne version écrit en Perl et une plus récente écrit en Ruby
Il ne faut pas confondre la commande snmpcheck de Debian (paquet snmp) avec la snmpcheck de http://www.nothink.org/codes/snmpcheck
Debian
apt-get install ruby-snmp
RedHat
yum install ruby gem install snmp
wget http://www.nothink.org/codes/snmpcheck/snmpcheck-1.9.rb chmod +x snmpcheck-1.9.rb ./snmpcheck.rb
nmap -sS 192.168.56.21 snmpcheck -h snmpcheck -t 192.168.56.21
GUI SNMP MIB Browser for Linux platforms Liens : https://sourceforge.net/projects/qtmib/
The program comes with a large number of MIBs pre-installed, anything from Cisco’s and Juniper’s to HP’s and Dell’s. You can also install your own MIBs by copying them into ~/.config/qtmib/mibs directory.