Monitoring - Installing SNMP via RPMs on CentOS 4

Installing SNMP via RPMs on CentOS 4

SNMP is the primary protocol for monitoring networking equipment; however, due to security and performance considerations, it was often a bad choice for servers. SNMP v 3 now has security improvements that make this a possibility for servers. For more on this, see RFC 3414. We have used Big Brother and Big Sister in the past, but it has always bothered us that a proprietary client was needed. Agatha once rolled out a huge Unicenter deployment, and the SNMP agent was so heavy that it took up most of the resources that the GNU/Linux box was using. SNMP has matured, and servers are relatively much more powerful now, so it seems reasonable to us that using stock SNMP management packages vs. proprietary should work well.

Our first step is to get the stock SNMP running on a CentOS / Red Hat v 4 system. We will use up2date to find out what SNMP packages are available, and download them:

 
[root@srv-1 usr-1]# up2date --showall | grep snmp
net-snmp-5.1.2-11.EL4.6.i386
net-snmp-devel-5.1.2-11.EL4.6.i386
net-snmp-libs-5.1.2-11.EL4.6.i386
net-snmp-perl-5.1.2-11.EL4.6.i386
net-snmp-utils-5.1.2-11.EL4.6.i386
php-snmp-4.3.9-3.8.i386
[root@srv-1 usr-1]# up2date --get net-snmp-5.1.2-11.EL4.6.i386 
--tmpdir=/root/
net-snmp-5.1.2-11.EL4.6.i386.rpm...
########################################
[root@srv-1 usr-1]# up2date --get net-snmp-libs-5.1.2-11.EL4.6.i386 
--tmpdir=/root/
net-snmp-libs-5.1.2-11.EL4.6.i386.rpm...
########################################
[root@srv-1 usr-1]# up2date --get net-snmp-perl-5.1.2-11.EL4.6.i386 
--tmpdir=/root/
net-snmp-perl-5.1.2-11.EL4.6.i386.rpm...
########################################
[root@srv-1 usr-1]# up2date --get net-snmp-utils-5.1.2-11.EL4.6.i386 
--tmpdir=/root/
net-snmp-utils-5.1.2-11.EL4.6.i386.rpm...
########################################
[root@srv-1 usr-1]# up2date --get php-snmp-4.3.9-3.8.i386 
--tmpdir=/root/
php-snmp-4.3.9-3.8.i386.rpm...
########################################
[root@srv-1 usr-1]# ls /root/*snmp*
/root/net-snmp-5.1.2-11.EL4.6.i386.rpm
/root/net-snmp-libs-5.1.2-11.EL4.6.i386.rpm
/root/net-snmp-perl-5.1.2-11.EL4.6.i386.rpm
/root/net-snmp-utils-5.1.2-11.EL4.6.i386.rpm
/root/php-snmp-4.3.9-3.8.i386.rpm
[root@srv-1 usr-1]#

Now, let's upgrade the existing SNMP packages:

[root@srv-1 ~]# for i in *.rpm; do rpm -Fvh $i; done
[root@srv-1 ~]# rpm -qa | grep snmp
net-snmp-libs-5.1.2-11.EL4.6
net-snmp-5.1.2-11.EL4.6

Let's install the remainder:

[root@srv-1 ~]# for i in *.rpm; do rpm -i $i; done 
package net-snmp-5.1.2-11.EL4.6 is already installed
package net-snmp-libs-5.1.2-11.EL4.6 is already installed
[root@srv-1 ~]# rpm -qa | grep snmp
net-snmp-libs-5.1.2-11.EL4.6
net-snmp-utils-5.1.2-11.EL4.6
net-snmp-perl-5.1.2-11.EL4.6
net-snmp-5.1.2-11.EL4.6
php-snmp-4.3.9-3.8
[root@srv-1 ~]#

OK. Let's start up the services and poke around:

[root@srv-1 init.d]# ./snmpd start
Starting snmpd:                                            [  OK  ]
[root@srv-1 init.d]# ./snmptrapd start
Starting snmptrapd:                                        [  OK  ]
[root@srv-1 init.d]# tail /var/log/messages
Nov  9 16:23:22 srv-1 snmpd: snmpd startup succeeded
Nov  9 16:23:22 srv-1 snmpd[20069]: Creating directory: /var/net-snmp 
Nov  9 16:23:22 srv-1 snmpd[20069]: NET-SNMP version 5.1.2 
Nov  9 16:23:27 srv-1 snmptrapd[20077]: 2005-11-09 16:23:27 
NET-SNMP version 5.1.2 Started. 
Nov  9 16:23:27 srv-1 snmptrapd: snmptrapd startup succeeded
[root@srv-1 init.d]#

We can use snmpwalk to show the available MIBs:

[usr-1@srv-1 ~]$ snmpwalk -v 1 localhost -c public                     
SNMPv2-MIB::sysDescr.0 = STRING: Linux srv-1.networking7by24.com 
2.6.9-22.0.1.EL #1 Thu Oct 27 12:26:11 CDT 2005 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
SNMPv2-MIB::sysUpTime.0 = Timeticks: (30760) 0:05:07.60
SNMPv2-MIB::sysContact.0 = STRING: Root  
(configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: srv-1.networking7by24.com
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (11) 0:00:00.11
SNMPv2-MIB::sysORID.1 = OID: IF-MIB::ifMIB
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.3 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.4 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.5 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.6 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.7 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.9 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module to describe 
generic objects for network interface sub-layers
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing 
TCP implementations
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for managing 
IP and ICMP implementations
SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing 
UDP implementations
SNMPv2-MIB::sysORDescr.6 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.7 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.8 = STRING: The MIB for Message Processing and 
Dispatching.
SNMPv2-MIB::sysORDescr.9 = STRING: The management information definitions for 
the SNMP User-based Security Model.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (7) 0:00:00.07
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (11) 0:00:00.11
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (11) 0:00:00.11
SNMPv2-MIB::sysORUpTime.9 = Timeticks: (11) 0:00:00.11
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (69894201) 8 days, 2:09:02.01
End of MIB

If we specify one of the MIBs, we well see just that information:

[usr-1@srv-1 ~]$ snmpwalk -v 1 localhost -c public 
HOST-RESOURCES-MIB::hrSystemUptime.0
End of MIB
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (69901531) 8 days, 2:10:15.31
[usr-1@srv-1 ~]$

From another machine on the same LAN:

[root@srv-7 ~]# snmpwalk -v 1 10.50.100.1 -c public 
HOST-RESOURCES-MIB::hrSystemUptime.0
End of MIB
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (69984032) 8 days, 2:24:00.32
[root@srv-7 ~]#

OK. Well, we are not running very securely. Our next article will deal with locking this down. Let's stop the services in the mean time:

[root@srv-1 usr-1]# /etc/init.d/snmpd stop
Stopping snmpd:                                            [  OK  ]
[root@srv-1 usr-1]# /etc/init.d/snmptrapd stop
Stopping snmptrapd:                                        [  OK  ]
[root@srv-1 usr-1]#

Note that to setup security, you will probably want the net-snmp-config command, and this is provided by the net-snmp-devel package. We ended up using yum to do this, and detailed the procedure in this article.

This article comes from NetAdminTools:
http://www.netadmintools.com/

The URL for this story is:
http://www.netadmintools.com/art483.html

Copyright 1997-2008 NetAdminTools.com. Read our Terms of Use.