[root@whoopie etc]# cd
[root@whoopie ~]# snmpconf -G # Lists wizards to use.
Known GROUPs of tokens:
system_setup
basic_setup
monitoring_services
access_control
trapsinks
[root@whoopie ~]# snmpconf -g basic_setup
The following installed configuration files were found:
1: /etc/snmp/snmpd.conf
Would you like me to read them in? Their content will be merged with the
output files created by this session.
Valid answer examples: "all", "none","3","1,2,5"
Read in which (default = all): none
************************************************
*** Beginning basic system information setup ***
************************************************
Do you want to configure the information returned in the system MIB group
(contact info, etc)? (default = y): y
Configuring: syslocation
Description:
The [typically physical] location of the system.
Note that setting this value here means that when trying to
perform an snmp SET operation to the sysLocation.0 variable will make
the agent return the "notWritable" error code. IE, including
this token in the snmpd.conf file will disable write access to
the variable.
arguments: location_string
The location of the system: DTEC-411
Finished Output: syslocation DTEC-411
Configuring: syscontact
Description:
The contact information for the administrator
Note that setting this value here means that when trying to
perform an snmp SET operation to the sysContact.0 variable will make
the agent return the "notWritable" error code. IE, including
this token in the snmpd.conf file will disable write access to
the variable.
arguments: contact_string
The contact information: "Hymie Piffl" <hpiffl@localhost>
Finished Output: syscontact "\"Hymie Piffl\" <hpiffl@localhost>"
Do you want to properly set the value of the sysServices.0 OID
(if you don't know, just say no)? (default = y): no
**************************************
*** BEGINNING ACCESS CONTROL SETUP ***
**************************************
Do you want to configure the agent's access control? (default = y): y
Do you want to allow SNMPv3 read-write user based access (default = y): y
Configuring: rwuser
Description:
a SNMPv3 read-write user
arguments: user [noauth|auth|priv] [restriction_oid]
The SNMPv3 user that should have read-write access:
The minimum security level required for that user [noauth|auth|priv, default = auth]: noauth
The OID that this community should be restricted to [if appropriate]:
Finished Output: rwuser noauth
Do another rwuser line? (default = y): n
Do you want to allow SNMPv3 read-only user based access (default = y):
Configuring: rouser
Description:
a SNMPv3 read-only user
arguments: user [noauth|auth|priv] [restriction_oid]
Enter the SNMPv3 user that should have read-only access to the system:
The minimum security level required for that user [noauth|auth|priv, default = auth]: noauth
The OID that this community should be restricted to [if appropriate]:
Finished Output: rouser noauth
Do another rouser line? (default = y): n
Do you want to allow SNMPv1/v2c read-write community access (default = y): y
Configuring: rwcommunity
Description:
a SNMPv1/SNMPv2c read-write access community name
arguments: community [default|hostname|network/bits] [oid]
Enter the community name to add read-write access for: private
The hostname or network address to accept this community name from [RETURN for all]:
The OID that this community should be restricted to [RETURN for no-restriction]:
Finished Output: rwcommunity private
Do another rwcommunity line? (default = y): n
Do you want to allow SNMPv1/v2c read-only community access (default = y): y
Configuring: rocommunity
Description:
a SNMPv1/SNMPv2c read-only access community name
arguments: community [default|hostname|network/bits] [oid]
The community name to add read-only access for: public
The hostname or network address to accept this community name from [RETURN for all]:
The OID that this community should be restricted to [RETURN for no-restriction]:
Finished Output: rocommunity public
Do another rocommunity line? (default = y): n
****************************************
*** Beginning trap destination setup ***
****************************************
Do you want to configure where and if the agent will send traps? (default = y):
Do you want the agent to send snmp traps on snmp authentication
failures? (default = y):
Configuring: authtrapenable
Description:
Should we send traps when authentication failures occur
arguments: 1 | 2 (1 = yes, 2 = no)
Should traps be sent when authentication failures occur? (1=yes, 2=no): 2
Finished Output: authtrapenable 2
Configuring: trapcommunity
Description:
Default trap sink community to use
arguments: community-string
The default community name to use when sending traps: public
Finished Output: trapcommunity public
Do you want the agent to send snmpv2c informs to a trap receiver (default = y):
Configuring: informsink
Description:
A SNMPv2c inform (acknowledged trap) receiver
arguments: host [community] [portnum]
A host name that should receive the trap: localhost
The community to be used in the trap sent [optional]:
The port number the trap should be sent to [optional]:
Finished Output: informsink localhost
Do another informsink line? (default = y): n
Do you want the agent to send snmpv2c traps to a trap receiver (default = y):
Configuring: trap2sink
Description:
A SNMPv2c trap receiver
arguments: host [community] [portnum]
A host name that should receive the trap: localhost
The community to be used in the trap sent [optional]:
The port number the trap should be sent to [optional]:
Finished Output: trap2sink localhost
Do another trap2sink line? (default = y): n
Do you want the agent to send snmpv1 traps to a trap
receiver (default = y): n
****************************************
*** Beginning monitoring setup ***
****************************************
Do you want to configure the agent's ability to monitor various aspects
of your system? (default = y): y
Do you want to configure the agents ability to monitor
processes? (default = y): y
Configuring: proc
Description:
Check for processes that should be running.
proc NAME [MAX=0] [MIN=0]
NAME: the name of the process to check for. It must match
exactly (ie, http will not find httpd processes).
MAX: the maximum number allowed to be running. Defaults to 0.
MIN: the minimum number to be running. Defaults to 0.
The results are reported in the prTable section of the UCD-SNMP-MIB tree
Special Case: When the min and max numbers are both 0, it assumes
you want a max of infinity and a min of 1.
Name of the process you want to check on: init
Maximum number of processes named 'init' that should be
running [default = 0]: 1
Minimum number of processes named 'init' that should be
running [default = 0]: 1
Finished Output: proc init 1 1
Do another proc line? (default = y):
Configuring: proc
Description:
Check for processes that should be running.
proc NAME [MAX=0] [MIN=0]
NAME: the name of the process to check for. It must match
exactly (ie, http will not find httpd processes).
MAX: the maximum number allowed to be running. Defaults to 0.
MIN: the minimum number to be running. Defaults to 0.
The results are reported in the prTable section of the UCD-SNMP-MIB tree
Special Case: When the min and max numbers are both 0, it assumes
you want a max of infinity and a min of 1.
Name of the process you want to check on: httpd
Maximum number of processes named 'httpd' that should be running [default = 0]: 0
Minimum number of processes named 'httpd' that should be running [default = 0]: 0
Finished Output: proc httpd 0 0
Do another proc line? (default = y): n
Do you want to configure the agents ability to monitor disk space? (default = y): y
Configuring: disk
Description:
Check for disk space usage of a partition.
The agent can check the amount of available disk space, and make
sure it is above a set limit.
disk PATH [MIN=100000]
PATH: mount path to the disk in question.
MIN: Disks with space below this value will have the Mib's errorFlag set.
Can be a raw byte value or a percentage followed by the %
symbol. Default value = 100000.
The results are reported in the dskTable section of the UCD-SNMP-MIB tree
Enter the mount point for the disk partion to be checked on: /
Enter the minimum amount of space that should be available on /:
Finished Output: disk /
Do another disk line? (default = y): n
Do you want to configure the agents ability to monitor load average? (default = y): y
Configuring: load
Description:
Check for unreasonable load average values.
Watch the load average levels on the machine.
load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
1MAX: If the 1 minute load average is above this limit at query
time, the errorFlag will be set.
5MAX: Similar, but for 5 min average.
15MAX: Similar, but for 15 min average.
The results are reported in the laTable section of the UCD-SNMP-MIB tree
Enter the maximum allowable value for the 1 minute load average: 12
Enter the maximum allowable value for the 5 minute load average: 12
Enter the maximum allowable value for the 15 minute load average: 12
Finished Output: load 12 12 12
Do another load line? (default = y): n
Do you want to configure the agents ability to monitor file sizes? (default = y): y
Configuring: file
Description:
Check on the size of a file.
Display a files size statistics.
If it grows to be too large, report an error about it.
file /path/to/file [maxsize_in_bytes]
if maxsize is not specified, assume only size reporting is needed.
The results are reported in the fileTable section of the UCD-SNMP-MIB tree
Enter the path to the file you wish to monitor: /var/log/messages
Enter the maximum size (in bytes) allowable for /var/log/messages: 100000000
Finished Output: file /var/log/messages 100000000
Do another file line? (default = y): n
The following files were created:
snmpd.conf
These files should be moved to /usr/share/snmp if you
want them used by everyone on the system. In the future, if you add
the -i option to the command line I'll copy them there automatically for you.
Or, if you want them for your personal use only, copy them to
/root/.snmp . In the future, if you add the -p option to the
command line I'll copy them there automatically for you.
[root@whoopie ~]# cp snmpd.conf /usr/share/snmp
[root@whoopie ~]# ls /etc/snmp/
snmpd.conf
[root@whoopie ~]# mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.ORIG
[root@whoopie ~]# ln -s /usr/share/snmp/snmpd.conf /etc/snmp/snmpd.conf
[root@whoopie ~]# chkconfig snmpd on
[root@whoopie ~]# chkconfig --list snmpd
snmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@whoopie ~]# /etc/init.d/snmpd start
Stopping snmpd: [ OK ]
Starting snmpd: [ OK ]
[root@whoopie ~]# snmpwalk -Os -c public -v 2c localhost system
sysDescr.0 = STRING: Linux whoopie 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005 i686
sysObjectID.0 = OID: netSnmpAgentOIDs.10
sysUpTime.0 = Timeticks: (424) 0:00:04.24
sysContact.0 = STRING: "\"Hymie Piffl\" <hpiffl@localhost>"
sysName.0 = STRING: whoopie
sysLocation.0 = STRING: DTEC-411
sysORLastChange.0 = Timeticks: (1) 0:00:00.01
sysORID.1 = OID: ifMIB
sysORID.2 = OID: snmpMIB
sysORID.3 = OID: tcpMIB
sysORID.4 = OID: ip
sysORID.5 = OID: udpMIB
sysORID.6 = OID: vacmBasicGroup
sysORID.7 = OID: snmpFrameworkMIBCompliance
sysORID.8 = OID: snmpMPDCompliance
sysORID.9 = OID: usmMIBCompliance
sysORDescr.1 = STRING: The MIB module to describe generic objects for
network interface sub-layers
sysORDescr.2 = STRING: The MIB module for SNMPv2 entities
sysORDescr.3 = STRING: The MIB module for managing TCP implementations
sysORDescr.4 = STRING: The MIB module for managing IP and ICMP implementations
sysORDescr.5 = STRING: The MIB module for managing UDP implementations
sysORDescr.6 = STRING: View-based Access Control Model for SNMP.
sysORDescr.7 = STRING: The SNMP Management Architecture MIB.
sysORDescr.8 = STRING: The MIB for Message Processing and Dispatching.
sysORDescr.9 = STRING: The management information definitions for the
SNMP User-based Security Model.
sysORUpTime.1 = Timeticks: (1) 0:00:00.01
sysORUpTime.2 = Timeticks: (1) 0:00:00.01
sysORUpTime.3 = Timeticks: (1) 0:00:00.01
sysORUpTime.4 = Timeticks: (1) 0:00:00.01
sysORUpTime.5 = Timeticks: (1) 0:00:00.01
sysORUpTime.6 = Timeticks: (1) 0:00:00.01
sysORUpTime.7 = Timeticks: (1) 0:00:00.01
sysORUpTime.8 = Timeticks: (1) 0:00:00.01
sysORUpTime.9 = Timeticks: (1) 0:00:00.01
[root@whoopie ~]# less snmpd.conf
[root@whoopie ~]# # snmpwalk options (see man page for complete list):
[root@whoopie ~]# # "-O<format>" (oh, not zero). where <format> is some combination of:
[root@whoopie ~]# # s = short OID name, type, and value,
[root@whoopie ~]# # f = full OID name, type, and value
[root@whoopie ~]# # n = OID number and value,
[root@whoopie ~]# # Q or q = quick listing of name = value,
[root@whoopie ~]# # v = just the value
[root@whoopie ~]# #
[root@whoopie ~]# # -c name is the community string (I used public and private)
[root@whoopie ~]# #
[root@whoopie ~]# # -v # is the version number (1, 2c, or 3)
[root@whoopie ~]# #
[root@whoopie ~]# # IP address of managed device (I used localhost)
[root@whoopie ~]# #
[root@whoopie ~]# # OID to show (defaults to all)
[root@whoopie ~]# # Show versions 1, 2c, and 3 system information:
[root@whoopie ~]# snmpwalk -Os -c public -v 1 localhost system
[root@whoopie ~]# snmpwalk -Os -c public -v 2c localhost system
[root@whoopie ~]# snmpwalk -Os -c public -v 3 localhost system
[root@whoopie ~]# # Show all READ information:
[root@whoopie ~]# snmpwalk -Os -c public -v 2c localhost |less
[root@whoopie ~]# snmpwalk -Of -c public -v 2c localhost |less
[root@whoopie ~]# snmpwalk -On -c public -v 2c localhost |less
[root@whoopie ~]# # Show tcp information:
[root@whoopie ~]# snmpwalk -Of -c public -v 2c localhost tcp |less
[root@whoopie ~]# snmpwalk -Of -c public -v 2c localhost interfaces |less
[root@whoopie ~]# snmpwalk -On -c public -v 2c localhost interfaces |less
[root@whoopie ~]# # Show running processes:
[root@whoopie ~]# snmpwalk -Oqn -c public -v 2c localhost .1.3.6.1.2.1.25.4.2.1.2 |less
[root@whoopie ~]# # Show all installed packages (rpm -qa):
[root@whoopie ~]# snmpwalk -Oqn -c public -v 2c localhost .1.3.6.1.2.1.25.6.3.1.2 |less
[root@whoopie ~]# # Show all READ-WRITE information:
[root@whoopie ~]# snmpwalk -OQ -c private -v 2c localhost |less
Back to top
###########################################################################
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
###########################################################################
# SECTION: Monitor Various Aspects of the Running Host
#
# The following check up on various aspects of a host.
# proc: Check for processes that should be running.
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It must match
# exactly (ie, http will not find httpd processes).
# MAX: the maximum number allowed to be running. Defaults to 0.
# MIN: the minimum number to be running. Defaults to 0.
#
# The results are reported in the prTable section of the UCD-SNMP-MIB tree
# Special Case: When the min and max numbers are both 0, it assumes
# you want a max of infinity and a min of 1.
proc init 1 1
proc httpd 0 0
# disk: Check for disk space usage of a partition.
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
#
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Can be a raw byte value or a percentage followed by the %
# symbol. Default value = 100000.
#
# The results are reported in the dskTable section of the UCD-SNMP-MIB tree
disk /
# load: Check for unreasonable load average values.
# Watch the load average levels on the machine.
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this limit at query
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
#
# The results are reported in the laTable section of the UCD-SNMP-MIB tree
load 12 12 12
# file: Check on the size of a file.
# Display a files size statistics.
# If it grows to be too large, report an error about it.
#
# file /path/to/file [maxsize_in_bytes]
#
# if maxsize is not specified, assume only size reporting is needed.
#
# The results are reported in the fileTable section of the UCD-SNMP-MIB tree
file /var/log/messages 100000000
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rwuser: a SNMPv3 read-write user
# arguments: user [noauth|auth|priv] [restriction_oid]
rwuser noauth
# rouser: a SNMPv3 read-only user
# arguments: user [noauth|auth|priv] [restriction_oid]
rouser noauth
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
rocommunity public
# rwcommunity: a SNMPv1/SNMPv2c read-write access community name
# arguments: community [default|hostname|network/bits] [oid]
rwcommunity private
###########################################################################
# SECTION: Trap Destinations
#
# Here we define who the agent will send traps to.
# trap2sink: A SNMPv2c trap receiver
# arguments: host [community] [portnum]
trap2sink localhost
# informsink: A SNMPv2c inform (acknowledged trap) receiver
# arguments: host [community] [portnum]
informsink localhost
# trapcommunity: Default trap sink community to use
# arguments: community-string
trapcommunity public
# authtrapenable: Should we send traps when authentication failures occur
# arguments: 1 | 2 (1 = yes, 2 = no)
authtrapenable 2
###########################################################################
# SECTION: System Information Setup
#
# This section defines some of the information reported in
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the system.
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysLocation.0 variable will make
# the agent return the "notWritable" error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: location_string
syslocation DTEC-411
# syscontact: The contact information for the administrator
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysContact.0 variable will make
# the agent return the "notWritable" error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: contact_string
syscontact "\"Hymie Piffl\" <hpiffl@localhost>"
Back to top