In this guide, we are going to learn how to install and configure SNMP on Ubuntu 18.04 and CentOS 7. SNMP is an acronym for Simple Network Management Protocol. It provides an agentless method of managing and monitoring of network devices and servers for health information, system metrics such as CPU load, Physical Memory usage, number of running processes, service state e.t.c that support polling over the SNMP protocol.. With this method, you don’t need to install the usual Nagios NRPE agent on your hosts.
Installing SNMP on Ubuntu 18.04 and CentOS 7
Before you can monitor Linux hosts with Nagios using SNMP, you first need to install the necessary packages. The SNMP packages are available on default repositories.
Install SNMP on Ubuntu 18.04 and CentOS 7
Run the commands below to install the SNMP packages;
On CentOS 7
yum update
yum install net-snmp net-snmp-utils
On Ubuntu 18.04
apt update
apt install snmpd snmp libsnmp-dev
Configure SNMP on Ubuntu 18.04 and CentOS 7
Once the installation is done, proceed to configure SNMP as follows. The default configuration file for SNMP is /etc/snmp/snmpd.conf. The file is higly commented and thus, we will only make a few changes. As a result, make a copy of the original file before you can proceed.
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
Configuring Authentication
SNMP supports three versions of SNMP protocol; version 1, 2c and 3. Both version 1 and 2c provides authentication using community string, a shared secret between the agent and the client that is passed in clear text over the network while version 3 supports user authentication and message encryption using a variety of protocols and is thus a bit more secure.
Configuring SNMP Version 2c Community
As stated above, SNMP v2 provides access using a permission directive, a community string and the source Address. The source address can be IP of the Nagios Server (SNMP server). This directive should be set in the format;
directive community [source [OID]]
where directive can be rocommunity (provides read-only access) or rwcommunity (provides read-write access), OID is the optional SNMP tree to provide access to. To configure SNMP v2c;
On Ubuntu 18.04 proceed as follows;
Edit the snmpd configuration file and configure it to listen on both a localhost and an interface IP. By default, SNMP agent on is set to allow connections originating from the localhost only. agentAddress udp:127.0.0.1:161,udp:192.168.43.154:161.
Also, configure it to allow the monitoring server (Nagios server in my case, with IP, 192.168.43.101) only to connect using the community string (Ex@mPL3).
vim /etc/snmp/snmpd.conf
...
# AGENT BEHAVIOUR
#
# Listen for connections from the local system only
agentAddress udp:127.0.0.1:161,udp:192.168.43.154:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161
...
###############################################################################
#
# ACCESS CONTROL
#
...
rocommunity Ex@mPL3 192.168.43.101
###############################################################################
#
# SYSTEM INFORMATION
Note that for any changes to the configuration file to take effect, force the snmpd service to re-read the configuration by running the following command:
systemctl reload snmpd
If you can check, SNMP is now listening on two interfaces;
netstat -nlpu|grep snmp
udp 16128 0 192.168.43.154:161 0.0.0.0:* 10057/snmpd
udp 3072 0 127.0.0.1:161 0.0.0.0:* 10057/snmpd
If firewall is running, allow connection from the Nagios server.
ufw allow from 192.168.43.101 to any port 161 proto udp
ufw reload
Next, run the command below from the Nagios Server to verify access to the host;
snmpwalk -v2c -c Ex@mPL3 192.168.43.154
iso.3.6.1.2.1.1.1.0 = STRING: "Linux u18svr 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (1082) 0:00:10.82
iso.3.6.1.2.1.1.4.0 = STRING: "Me <[email protected]>"
iso.3.6.1.2.1.1.5.0 = STRING: "ubuntu18svr"
iso.3.6.1.2.1.1.6.0 = STRING: "Sitting on the Dock of the Bay"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (2) 0:00:00.02
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
On CentOS 7, proceed as follows;
Set the community string and allow access from the Nagios server.
echo -e "# SNMP version 2c community\nrocommunity Ex@mPL3 192.168.43.101" >> /etc/snmp/snmpd.conf
Configure snmpd to listens for incoming SNMP requests on UDP port 161 on loopback and other interfaces. This involves modifying snmpd start up script. Run the command below to effect this change. You first need to backup the original service config.
cp /lib/systemd/system/snmpd.service /lib/systemd/system/snmpd.service.bak
Edit the snmpd service configuration file and replace the line ExecStart=/usr/sbin/snmpd $OPTIONS -f with; ExecStart=/usr/sbin/snmpd $OPTIONS -f udp:127.0.0.1:161 udp:192.168.43.23.161 such that you configuration looks like;
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=syslog.target network.target
[Service]
Type=notify
Environment=OPTIONS="-LS0-6d"
EnvironmentFile=-/etc/sysconfig/snmpd
ExecStart=/usr/sbin/snmpd $OPTIONS -f udp:127.0.0.1:161 udp:192.168.43.23:161
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
Reload the system units and restart snmpd service;
systemctl daemon-reload
systemctl restart snmpd
Verify that both interfaces are listening;
ss -nlpu|grep snmp
UNCONN 0 0 192.168.43.23:161 *:* users:(("snmpd",pid=4931,fd=7))
UNCONN 0 0 127.0.0.1:161 *:* users:(("snmpd",pid=4931,fd=6))
If firewalld is running, create a new zone and allow access to snmp agent only from the Nagios server;
firewall-cmd --new-zone=snmp --permanent
firewall-cmd --zone=snmp --add-interface=eth1 --permanent
firewall-cmd --zone=snmp --add-source=192.168.43.101 --permanent
firewall-cmd --zone=snmp --add-port=161/udp --permanent
firewall-cmd --reload
Verify active zones;
firewall-cmd --get-active-zones
snmp
sources: 192.168.43.101
public
interfaces: eth0 eth1
However, you can simply run the commands below open snmpd port
firewall-cmd --add-port=161/udp --permanent
firewall-cmd --reload
Test connectivity from the Nagios server;
snmpwalk -v2c -c Ex@mPL3 192.168.43.23
iso.3.6.1.2.1.1.1.0 = STRING: "Linux Cent7.example.com 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (191101) 0:31:51.01
iso.3.6.1.2.1.1.4.0 = STRING: "Root <root@localhost> (configure /etc/snmp/snmp.local.conf)"
iso.3.6.1.2.1.1.5.0 = STRING: "Cent7.example.com"
iso.3.6.1.2.1.1.6.0 = STRING: "Unknown (edit /etc/snmp/snmpd.conf)"
iso.3.6.1.2.1.1.8.0 = Timeticks: (3) 0:00:00.03
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.10.3.1.1
Configuring SNMP Version 3
SNMP v3 uses a username, permission, security level, authentication and privacy passphrases to allow access. As a result, you need to create user for authenticating. When created, the user is added to the following configuration files; /etc/snmp/snmpd.conf and /var/lib/net-snmp/snmpd.conf. Before you can proceed, make a copy of the original configuration file just like we did above.
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
Stop SNMP daemon
systemctl stop snmpd
Create a read-only authentication user using the net-snmp-create-v3-user command. The command syntax is;
net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass][-x DES|AES] [username]
net-snmp-create-v3-user -ro -A STrP@SSWRD -a SHA -X STr0ngP@SSWRD -x AES snmpadmin
adding the following line to /var/lib/snmp/snmpd.conf:
createUser snmpadmin SHA "STrP@SSWRD" AES STr0ngP@SSWRD
adding the following line to /usr/share/snmp/snmpd.conf:
rouser snmpadmin
Start SNMP daemon and configure inbound Firewall rules to UDP port 161 as we did above.
systemctl start snmpd
Enable SNMP daemon to run on system reboot.
systemctl enable snmpd
Test to verify that everything is working as expected.
snmpwalk -v3 -a SHA -A STrP@SSWRD -x AES -X STr0ngP@SSWRD -l authPriv -u snmpadmin localhost | head
CentOS 7:
SNMPv2-MIB::sysDescr.0 = STRING: Linux Cent7.example.com 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2095) 0:00:20.95
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: Cent7.example.com
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (6) 0:00:00.06
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
Ubuntu 18.04:
iso.3.6.1.2.1.1.1.0 = STRING: "Linux u18svr 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (59297) 0:09:52.97
iso.3.6.1.2.1.1.4.0 = STRING: "Me <[email protected]>"
iso.3.6.1.2.1.1.5.0 = STRING: "u18svr"
iso.3.6.1.2.1.1.6.0 = STRING: "Sitting on the Dock of the Bay"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
From a remote host;
snmpwalk -v3 -a SHA -A STrP@SSWRD -x AES -X STr0ngP@SSWRD -l authPriv -u snmpadmin 192.168.43.23 | head
iso.3.6.1.2.1.1.1.0 = STRING: "Linux Cent7.example.com 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (15002) 0:02:30.02
iso.3.6.1.2.1.1.4.0 = STRING: "Root <root@localhost> (configure /etc/snmp/snmp.local.conf)"
iso.3.6.1.2.1.1.5.0 = STRING: "Cent7.example.com"
iso.3.6.1.2.1.1.6.0 = STRING: "Unknown (edit /etc/snmp/snmpd.conf)"
iso.3.6.1.2.1.1.8.0 = Timeticks: (6) 0:00:00.06
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.10.3.1.1
snmpwalk -v3 -a SHA -A STrP@SSWRD -x AES -X STr0ngP@SSWRD -l authPriv -u snmpadmin 192.168.43.154 | head
SNMPv2-MIB::sysDescr.0 = STRING: Linux u18svr 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (114664) 0:19:06.64
SNMPv2-MIB::sysContact.0 = STRING: Me <[email protected]>
SNMPv2-MIB::sysName.0 = STRING: u18svr
SNMPv2-MIB::sysLocation.0 = STRING: Sitting on the Dock of the Bay
SNMPv2-MIB::sysServices.0 = INTEGER: 72
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
Great!! You have successfully installed and configured SNMP on Ubuntu 18.04 and CentOS 7. Your server is now ready for Nagios SNMP monitoring from your Nagios server or any other monitoring tool. You can also check our aritcle on Nagios SNMP Monitoring of Linux Hosts on AlienVault USM/OSSIM.
Related Tutorials:
Monitor Linux System Metrics with Prometheus Node Exporter
Monitor Squid logs with Grafana and Graylog
Monitor Squid Access Logs with Graylog Server
How to Install Nagios Plugins and NRPE agents on CentOS 7/RHEL 7/Fedora 29
Monitor Linux Hosts using Nagios check_by_ssh Plugin
How to Install Nagios Plugins From Source RHEL/CentOS/Oracle Linux
