Install and Configure SNMP on Rocky Linux 8/9

koromicha
|
Last Updated:
|
HowTos, Monitoring
|
2 Comments
Install and Configure SNMP on Rocky Linux 8/9

Follow through this tutorial to learn how to install and configure SNMP on Rocky Linux 8/9. SNMP stands for Simple Network Management Protocol. It is an Internet Standard protocol that provides an agentless method of managing and monitoring of network devices and servers for health information, system metrics such as CPU load, Physical Memory usage, number of running processes, service states or any other metric that support polling over the SNMP protocol.

Installing SNMP on Rocky Linux 8/9

Install Net-SNMP on Rocky Linux 8/9

The Net-SNMP is a suite of applications which provides an agent and utilities that enables retrieval of data from systems using the SNMP protocol.

To install Net-SNMP (SNMP agent, SNMP daemon and other SNMP utilities) on Rocky Linux 8/9, simply execute the command below;

dnf install net-snmp net-snmp-libs net-snmp-utils

Running SNMP Daemon on Rocky Linux 8/9

When installed, Net-SNMP creates a SystemD service called snmpd. The service can be managed using the systemctl command.

For example, to start and enable it to run on system boot;

systemctl enable --now snmpd

To check the status;

systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
   Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2023-11-13 17:28:00 UTC; 2min 6s ago
 Main PID: 12269 (snmpd)
    Tasks: 1 (limit: 10910)
   Memory: 4.6M
   CGroup: /system.slice/snmpd.service
           └─12269 /usr/sbin/snmpd -LS0-6d -f

Nov 13 17:27:59 localhost.localdomain systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Nov 13 17:28:00 localhost.localdomain snmpd[12269]: NET-SNMP version 5.8
Nov 13 17:28:00 localhost.localdomain systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..

To restart SNMP daemon;

systemctl restart snmpd

Configure SNMP on Rocky Linux 8/9

Once the installation of Net-SNMP is done, proceed to configure it to enable you to remotely poll your system metrics.

The default configuration file of the Net-SNMP agent daemon is is /etc/snmp/snmpd.conf. The file is highly commented and thus, we will only make a few changes. As a result, make a copy of the original file before you can proceed.

cp /etc/snmp/snmpd.conf{,orig}

Configure System Information

By default, Net-SNMP provides basic information such the hostname, the location, the administrator contact information about the system. This information is provided by the values of the objects sysNamesysLocation and sysContact respectively.

To list the default system information using SNMP, simply use snmpwalk command with the default version 2 community string, public. Ensure that SNMP daemon is running before you can run the command below;

snmpwalk -v2c -c public localhost system

You can even try using the server IP;

snmpwalk -v2c -c public 192.168.60.19 system
SNMPv2-MIB::sysDescr.0 = STRING: Linux localhost.localdomain 4.18.0-477.10.1.el8_8.x86_64 #1 SMP Tue May 16 11:38:37 UTC 2023 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (35610) 0:05:56.10
SNMPv2-MIB::sysContact.0 = STRING: Root  (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: localhost.localdomain
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.7 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.8 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.9 = OID: SNMP-NOTIFICATION-MIB::snmpNotifyFullCompliance
SNMPv2-MIB::sysORID.10 = OID: NOTIFICATION-LOG-MIB::notificationLogMIB
SNMPv2-MIB::sysORDescr.1 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.3 = STRING: The management information definitions for the SNMP User-based Security Model.
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.5 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.6 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.7 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.8 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.9 = STRING: The MIB modules for managing SNMP Notification, plus filtering.
SNMPv2-MIB::sysORDescr.10 = STRING: The MIB module for logging SNMP Notifications.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.9 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.10 = Timeticks: (0) 0:00:00.00

To update the system information, simply open the SNMPD configuration file, /etc/snmp/snmpd.conf and adjust the values of the above objects;

vim /etc/snmp/snmpd.conf

Note that the value of the sysName object is set to system hostname by default. Hence, sysLocation and sysContact can be set in the configuration file under System contact information section.

Comment these default lines below;

#syslocation Unknown (edit /etc/snmp/snmpd.conf)
#syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

Such that it may look like as shown in the configuration below;


###############################################################################
# System contact information
#

# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file:

# Comment the default lines below
#syslocation Unknown (edit /etc/snmp/snmpd.conf)
#syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
syslocation Serverfarm, DC2, Rack 3
syscontact Kifarunix-Admin <[email protected]>

Update the information as appropriately as you wish.

Save and exit the configuration file and reload SNMPD to effect the changes.

systemctl reload snmpd

Verify the changes;

snmpwalk -v2c -c public localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux rockylinux 5.14.0-284.11.1.el9_2.x86_64 #1 SMP PREEMPT_DYNAMIC Tue May 9 17:09:15 UTC 2023 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (39938) 0:06:39.38
SNMPv2-MIB::sysContact.0 = STRING: Kifarunix-Admin 
SNMPv2-MIB::sysName.0 = STRING: rockylinux
SNMPv2-MIB::sysLocation.0 = STRING: Serverfarm, DC2, Rack 3
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
...

Configuring SNMP Authentication

SNMP supports three versions of SNMP protocol; version 12c and 3.

  • Both version 1 and 2c provides authentication using community string, a shared secret between the agent and the client that is passed in clear text over the network.
  • Version 3 supports user authentication and message encryption using a variety of protocols and is thus a bit more secure.

Configuring SNMP Version 2c Community on Rocky Linux 8/9

As stated above, SNMP v2 provides access using a permission directive, a community string and the source Address. The source address can be IP of the Nagios Server (SNMP server). This directive should be set in the format;

directive community [source [OID]]

where directive can be rocommunity (provides read-only access) or rwcommunity (provides read-write access), OID is the optional SNMP tree to provide access to.

To configure SNMP v2c, for example, to allow a read-only access from a specific source host, like the monitoring servers such as Nagios, to system objects using the community string, monsvronly, simply enter the line below in the snmpd config file.

rocommunity monsvronly 192.168.58.8

You can use the command below;

echo -e "# SNMP version 2c community\nrocommunity monsvronly 192.168.58.8" >> /etc/snmp/snmpd.conf

Where 192.168.58.8 is the IP of the remote server allowed to access SNMP on our server.

To allow from localhost, add the line;

rocommunity monsvronly 127.0.0.1

Configure SNMP Daemon Connection Port

By default, SNMP daemon agent receives requests on UDP port 161. SNMPd however does not open this port by default.

To configure SNMPd to listen on a loopback and an IP interface over UDP port 161, you need to edit the snmpd systemd start-up script, /lib/systemd/system/snmpd.service as shown below;

Replace the line:

ExecStart=/usr/sbin/snmpd $OPTIONS -f

With;

ExecStart=/usr/sbin/snmpd $OPTIONS -f udp:127.0.0.1:161 udp:192.168.60.19:161

Where 192.168.60.19 is the server interface IP.

By running the command below;

sed -i '/$OPTIONS -f/ s/$/ udp:127.0.0.1:161 udp:192.168.56.9:161/' /lib/systemd/system/snmpd.service

Such that you configuration looks like;

cat /lib/systemd/system/snmpd.service

[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=syslog.target network-online.target

[Service]
Type=notify
Environment=OPTIONS="-LS0-6d"
EnvironmentFile=-/etc/sysconfig/snmpd
ExecStart=/usr/sbin/snmpd $OPTIONS -f udp:127.0.0.1:161 udp:192.168.60.19:161
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

Save the configuration file and reload systemd units;

systemctl daemon-reload

Restart SNMP daemon.

systemctl restart snmpd

Verify that the UDP port 161 is open.

ss -alun | grep 161
UNCONN 0      0      192.168.60.19:161        0.0.0.0:*          
UNCONN 0      0          127.0.0.1:161        0.0.0.0:*

Open SNMP Port on FirewallD

If firewalld is running, run the commands below to open SNMPd port

firewall-cmd --add-port=161/udp --permanent
firewall-cmd --reload

Verify Connectivity

Test connectivity from the allowed remote host.

Check if the UDP port is reachable on the server.

nc -uvz 192.168.60.19 161
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.60.19:161.
Ncat: UDP packet sent successfully
Ncat: 1 bytes sent, 0 bytes received in 2.03 seconds.

Test that you can query the SNMP objects on the server using the snmpwalk and read the first 10 lines of the output.

snmpwalk -v2c -c monsvronly 192.168.60.19 | head -10

Ensure you are running the command above from the allowed host.


SNMPv2-MIB::sysDescr.0 = STRING: Linux rockylinux 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:34:55 UTC 2021 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (486) 0:00:04.86
SNMPv2-MIB::sysContact.0 = STRING: Kifarunix-Admin <[email protected]>
SNMPv2-MIB::sysName.0 = STRING: rockylinux
SNMPv2-MIB::sysLocation.0 = STRING: Serverfarm, DC2, Rack 3
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
...

Configuring SNMP Version 3 on Rocky Linux 8/9

SNMP v3 uses a usernamepermissionsecurity levelauthentication and privacy passphrases to allow access.

As a result, you need to create user for authenticating. When created, the user is added to the following configuration files; /etc/snmp/snmpd.conf and /var/lib/net-snmp/snmpd.conf.

Before you can proceed, make a copy of the original configuration file just like we did above.

cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak

Comment the snmp V2 configuration lines added above;

sed -i '/^rocommunity/ s/^/#/' /etc/snmp/snmpd.conf

Stop SNMP daemon

systemctl stop snmpd

Create a read-only authentication user using the net-snmp-create-v3-user command. The command syntax is;

net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass][-x DES|AES] [username]

For example;

net-snmp-create-v3-user -ro -A STrP@SSWRD -a SHA -X STr0ngP@SSWRD -x AES snmpadmin

Sample command output;

adding the following line to /var/lib/net-snmp/snmpd.conf:
   createUser snmpadmin SHA "STrP@SSWRD" AES "STr0ngP@SSWRD"
adding the following line to /etc/snmp/snmpd.conf:
   rouser snmpadmin

Start SNMP daemon

systemctl start snmpd

Enable SNMP daemon to run on system reboot.

systemctl enable snmpd

Configure inbound Firewall rules to UDP port 161 as we did above.

Test to verify that everything is working as expected.

snmpwalk -v3 -a SHA -A STrP@SSWRD -x AES -X STr0ngP@SSWRD -l authPriv -u snmpadmin localhost | head

SNMPv2-MIB::sysDescr.0 = STRING: Linux rockylinux 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:34:55 UTC 2021 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1775) 0:00:17.75
SNMPv2-MIB::sysContact.0 = STRING: Kifarunix-Admin <[email protected]>
SNMPv2-MIB::sysName.0 = STRING: rockylinux
SNMPv2-MIB::sysLocation.0 = STRING: Serverfarm, DC2, Rack 3
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance

Verify from remote host;

snmpwalk -v3 -a SHA -A STrP@SSWRD -x AES -X STr0ngP@SSWRD -l authPriv -u snmpadmin 192.168.60.19 | head

SNMPv2-MIB::sysDescr.0 = STRING: Linux rockylinux 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:40:55 UTC 2021 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (22366) 0:03:43.66
SNMPv2-MIB::sysContact.0 = STRING: Kifarunix-Admin <[email protected]>
SNMPv2-MIB::sysName.0 = STRING: rockylinux
SNMPv2-MIB::sysLocation.0 = STRING: Serverfarm, DC2, Rack 3
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance

Magnificent!!! SNMP is configured!

You can now poll your system metrics from your remote monitoring server.

 Nagios SNMP Monitoring of Linux Hosts on AlienVault USM/OSSIM

Install and Configure SNMP on Debian 10 Buster

How to Configure SNMP version 3 on Debian 9

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
koromicha
I am the Co-founder of Kifarunix.com, Linux and the whole FOSS enthusiast, Linux System Admin and a Blue Teamer who loves to share technological tips and hacks with others as a way of sharing knowledge as: "In vain have you acquired knowledge if you have not imparted it to others".

Related Posts

Install Wireshark on Rocky Linux

Install Passbolt Password Manager on Rocky Linux 8

Install VirtualBox Guest Additions on Linux Mint 21

Installing Minikube on Ubuntu 24.04

Easy way to Configure Filebeat-Logstash SSL/TLS Connection

6 Human Resource Management Basics for Every HR

2 thoughts on “Install and Configure SNMP on Rocky Linux 8/9”

  1. Nice, but does not work!
    Process: 2735634 ExecStart=/usr/sbin/snmpd $OPTIONS -f udp:127.0.0.1:161 udp:192.168.60.232:161 (code=exited, status=1/FAILURE)

    Reply

Leave a Comment

© 2024 kifarunix.com

Home Advertise with us Privacy Policy