Difference between pages "Dependencies" and "Snmp"
From Linuxintro
(Difference between pages)
imported>ThorstenStaerk |
imported>ThorstenStaerk |
||
Line 1: | Line 1: | ||
− | + | SNMP allows you to monitor hardware. To do this, there are objects that will be monitored: computers, network switches, storages and so on. These are called agents. They communicate with a "manager" which displays their status. The agents can be queried for their status by a get/set request/response. Or they can alert about a critical status by initiating a communication, this is called a "trap". | |
− | |||
− | |||
− | + | = Trying to build an SNMP prototype = | |
− | |||
− | = | + | SUSE Linux: |
− | # | + | |
− | + | yast -i nagios apache2 | |
− | + | /etc/init.d/nagios start | |
+ | /etc/init.d/apache2 start | ||
+ | |||
+ | Remember your login nagiosadmin:nagiosadmin and point your browser to http://127.0.0.1/nagios | ||
+ | |||
+ | /etc/init.d/snmptrapd | ||
+ | tail -f /var/log/net-snmpd.log | ||
+ | snmptrap -v 2c -c public localhost "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42 | ||
+ | |||
+ | No access configuration - dropping trap. | ||
+ | |||
+ | So it seems I have to | ||
+ | |||
+ | cat /etc/snmp/snmptrapd.conf | ||
+ | disableAuthorization yes | ||
+ | traphandle default /bin/snmppl | ||
+ | |||
+ | /etc/init.d/snmptrapd restart | ||
+ | cat /bin/snmppl | ||
+ | #!/bin/bash | ||
+ | date >>/tmp/dates | ||
+ | |||
+ | = 2014-05-06 = | ||
+ | Ok, the following command | ||
+ | snmptrap -v 2c -c public hostname "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42 | ||
+ | works and I can see on hostname | ||
+ | |||
+ | hostname:~ # tcpdump port 162 | ||
+ | tcpdump: verbose output suppressed, use -v or -vv for full protocol decode | ||
+ | listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes | ||
+ | 12:09:02.418760 IP source.domain.45398 > hostname.domain.snmptrap: V2Trap(77) system.sysUpTime.0=60543145 S:1.1.4.1.0=[|snmp] | ||
+ | |||
+ | But I cannot receive it with [[netcAt]]. And it does not work on localhost. | ||
+ | |||
+ | Using this command I can sniff and display the snmp trap: | ||
+ | |||
+ | tcpdump -A port 162 -l | hexdump -C | ||
+ | |||
+ | or this command: | ||
+ | |||
+ | netcat -u -l 162 | hexdump -C | ||
+ | |||
+ | = See also = | ||
+ | * http://nagios.sourceforge.net/docs/3_0/quickstart-opensuse.html | ||
+ | * http://net-snmp.sourceforge.net/wiki/index.php/TUT:snmptrap | ||
+ | * http://www.linuxforums.org/forum/gentoo-linux/108864-net-snmp.html | ||
+ | * http://paulgporter.net/2013/09/16/nagios-snmp-traps/ | ||
+ | |||
+ | [[Category:Networking]] | ||
+ | [[Category:Concept]] |
Revision as of 10:40, 22 January 2015
SNMP allows you to monitor hardware. To do this, there are objects that will be monitored: computers, network switches, storages and so on. These are called agents. They communicate with a "manager" which displays their status. The agents can be queried for their status by a get/set request/response. Or they can alert about a critical status by initiating a communication, this is called a "trap".
Trying to build an SNMP prototype
SUSE Linux:
yast -i nagios apache2 /etc/init.d/nagios start /etc/init.d/apache2 start
Remember your login nagiosadmin:nagiosadmin and point your browser to http://127.0.0.1/nagios
/etc/init.d/snmptrapd tail -f /var/log/net-snmpd.log snmptrap -v 2c -c public localhost "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42
No access configuration - dropping trap.
So it seems I have to
cat /etc/snmp/snmptrapd.conf disableAuthorization yes traphandle default /bin/snmppl
/etc/init.d/snmptrapd restart cat /bin/snmppl #!/bin/bash date >>/tmp/dates
2014-05-06
Ok, the following command
snmptrap -v 2c -c public hostname "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42
works and I can see on hostname
hostname:~ # tcpdump port 162 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 12:09:02.418760 IP source.domain.45398 > hostname.domain.snmptrap: V2Trap(77) system.sysUpTime.0=60543145 S:1.1.4.1.0=[|snmp]
But I cannot receive it with netcAt. And it does not work on localhost.
Using this command I can sniff and display the snmp trap:
tcpdump -A port 162 -l | hexdump -C
or this command:
netcat -u -l 162 | hexdump -C