Re: [SLUG] enabling snmp on NIC ?
On Mon, September 20, 2010 7:48 pm, Martin Visser wrote: > I think the latest releases of Net-SNMP have been tightened up security > wise. By default on Ubuntu, SNMP access is limit to the system description > information. I suspect the same problem is occuring to you on Centos. > In the line below from /etc/snmp/snmpd.conf to enable read-only access to > all of the available SNMP MIB objects compiled in, you need to change > associated security name for the "public" community from "paranoid" to > "read-only", which is what I have done here, by commenting the line with > "paranoid" and uncommenting "readonly":- Martin thanks, unfortunately... I can't access the system as, through sheer own stupidity I've fried the mainbboard, and, system is down. hopefully the hard disk should be OK, just need to find another RAAD system to try it (RAAD Random Array of Abandoned Devices) (it has to be dumbest of dumb ideas, making a makeshift connection to replacement CPU fan...) -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
I think the latest releases of Net-SNMP have been tightened up security wise. By default on Ubuntu, SNMP access is limit to the system description information. I suspect the same problem is occuring to you on Centos. In the line below from /etc/snmp/snmpd.conf to enable read-only access to all of the available SNMP MIB objects compiled in, you need to change associated security name for the "public" community from "paranoid" to "read-only", which is what I have done here, by commenting the line with "paranoid" and uncommenting "readonly":- # First, map the community name (COMMUNITY) into a security name # (local and mynetwork, depending on where the request is coming # from): # sec.name source community #com2sec paranoid default public com2sec readonly default public #com2sec readwrite default private So the before and after result from an snmpwalk on the interface part of the MIB tree is below. First with "paranoid" for "public":- $ snmpwalk -v 1 -c public localhost interface End of MIB And now with "readonly for "public" (after doing a "service snmpd restart" in between) :- $ snmpwalk -v 1 -c public localhost interface IF-MIB::ifNumber.0 = INTEGER: 7 IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.2 = INTEGER: 2 IF-MIB::ifIndex.3 = INTEGER: 3 IF-MIB::ifIndex.4 = INTEGER: 4 IF-MIB::ifIndex.5 = INTEGER: 5 IF-MIB::ifIndex.6 = INTEGER: 6 IF-MIB::ifIndex.8 = INTEGER: 8 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: eth1 IF-MIB::ifDescr.3 = STRING: eth2 IF-MIB::ifDescr.4 = STRING: br0 IF-MIB::ifDescr.5 = STRING: ip6tnl0 IF-MIB::ifDescr.6 = STRING: ano-linode IF-MIB::ifDescr.8 = STRING: tap0 IF-MIB::ifType.1 = INTEGER: softwareLoopback(24) IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.4 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.5 = INTEGER: tunnel(131) IF-MIB::ifType.6 = INTEGER: tunnel(131) IF-MIB::ifType.8 = INTEGER: ethernetCsmacd(6) IF-MIB::ifMtu.1 = INTEGER: 16436 IF-MIB::ifMtu.2 = INTEGER: 1500 IF-MIB::ifMtu.3 = INTEGER: 1500 IF-MIB::ifMtu.4 = INTEGER: 1500 IF-MIB::ifMtu.5 = INTEGER: 1460 IF-MIB::ifMtu.6 = INTEGER: 1360 IF-MIB::ifMtu.8 = INTEGER: 1500 IF-MIB::ifSpeed.1 = Gauge32: 1000 IF-MIB::ifSpeed.2 = Gauge32: 1000 IF-MIB::ifSpeed.3 = Gauge32: 1000 IF-MIB::ifSpeed.4 = Gauge32: 1000 IF-MIB::ifSpeed.5 = Gauge32: 0 IF-MIB::ifSpeed.6 = Gauge32: 0 IF-MIB::ifSpeed.8 = Gauge32: 1000 - 8-< Regards, Martin Regards, Martin martinvisse...@gmail.com On Fri, Sep 17, 2010 at 12:19 PM, Voytek Eymont wrote: > > On Thu, September 16, 2010 9:42 pm, Amit Dor-Shifer wrote: > > Is netsnmp built with ifmib support? > > If you can't snmpwalk ifmib, I'm not sure cacti group will be the right > > place to look for answers. Rather the SNMP crowd should be consulted. > > Amit, > > thanks, yes, it seems there is no support for the ifmib > > I kinda perused a bunch of docs on netsnmp pages, with nothing that really > helped me, as this is more of a hobby project than a real need, I'll be > happy with polling NICs of the switch/router and NAS, which is what really > matters for this, at this time; the Linux' box sole purpose is to run > cacti and ntpd, I'll look at it again at some future time > > thanks again for all the help, guys > > > > -- > Voytek > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 9:42 pm, Amit Dor-Shifer wrote: > Is netsnmp built with ifmib support? > If you can't snmpwalk ifmib, I'm not sure cacti group will be the right > place to look for answers. Rather the SNMP crowd should be consulted. Amit, thanks, yes, it seems there is no support for the ifmib I kinda perused a bunch of docs on netsnmp pages, with nothing that really helped me, as this is more of a hobby project than a real need, I'll be happy with polling NICs of the switch/router and NAS, which is what really matters for this, at this time; the Linux' box sole purpose is to run cacti and ntpd, I'll look at it again at some future time thanks again for all the help, guys -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
Is netsnmp built with ifmib support? If you can't snmpwalk ifmib, I'm not sure cacti group will be the right place to look for answers. Rather the SNMP crowd should be consulted. Amit On Thu, Sep 16, 2010 at 5:39 AM, Voytek Eymont wrote: > > On Thu, September 16, 2010 9:12 am, Tony Sceats wrote: > > what if you try to specifiy the Interface OID, with something like > > > > snmpwalk somehost -v1 -c public 1.3.6.1.2.1.2 > > Tony, thanks: > > # snmpwalk localhost -v1 -c public 1.3.6.1.2.1.2 > # snmpwalk localhost -v2c -c public 1.3.6.1.2.1.2 > IF-MIB::interfaces = No Such Object available on this agent at this OID > > > > Also you should find lots of data here: > > /usr/share/snmp/mibs/ > > yes: > # ls /usr/share/snmp/mibs/ > AGENTX-MIB.txt NOTIFICATION-LOG-MIB.txt > DISMAN-EVENT-MIB.txt RFC1155-SMI.txt > DISMAN-SCHEDULE-MIB.txt RFC1213-MIB.txt > DISMAN-SCRIPT-MIB.txtRFC-1215.txt > EtherLike-MIB.txtRMON-MIB.txt > HCNUM-TC.txt SCTP-MIB.txt > HOST-RESOURCES-MIB.txt SMUX-MIB.txt > HOST-RESOURCES-TYPES.txt SNMP-COMMUNITY-MIB.txt > IANA-ADDRESS-FAMILY-NUMBERS-MIB.txt SNMP-FRAMEWORK-MIB.txt > IANAifType-MIB.txt SNMP-MPD-MIB.txt > IANA-LANGUAGE-MIB.txtSNMP-NOTIFICATION-MIB.txt > IANA-RTPROTO-MIB.txt SNMP-PROXY-MIB.txt > IF-INVERTED-STACK-MIB.txtSNMP-TARGET-MIB.txt > IF-MIB.txt SNMP-USER-BASED-SM-MIB.txt > INET-ADDRESS-MIB.txt SNMP-USM-AES-MIB.txt > IP-FORWARD-MIB.txt SNMP-USM-DH-OBJECTS-MIB.txt > IP-MIB.txt SNMPv2-CONF.txt > IPV6-ICMP-MIB.txtSNMPv2-MIB.txt > IPV6-MIB.txt SNMPv2-SMI.txt > IPV6-TCP-MIB.txt SNMPv2-TC.txt > IPV6-TC.txt SNMPv2-TM.txt > IPV6-UDP-MIB.txt SNMP-VIEW-BASED-ACM-MIB.txt > LM-SENSORS-MIB.txt TCP-MIB.txt > MTA-MIB.txt TRANSPORT-ADDRESS-MIB.txt > NET-SNMP-AGENT-MIB.txt UCD-DEMO-MIB.txt > NET-SNMP-EXAMPLES-MIB.txtUCD-DISKIO-MIB.txt > NET-SNMP-EXTEND-MIB.txt UCD-DLMOD-MIB.txt > NET-SNMP-MIB.txt UCD-IPFWACC-MIB.txt > NET-SNMP-TC.txt UCD-SNMP-MIB.txt > NETWORK-SERVICES-MIB.txt UDP-MIB.txt > > > > all which should have been in the net-snmp package anyway, which you can > > easily verify what MIBs are available by default > > > > rpm -ql net-snmp > > > yes, what to look for in this output ? > > > > -- > Voytek > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 2:32 pm, DaZZa wrote: > You know, I gotta admit, I haven't tried to graph the host interface > on my Linux host., and I don't appear to be able to. > > Which is really weird, because I always remember Cacti being able to > do just that. I just haven't done it lately because I'm more interested in > switches/routers than hosts. > > You might be better asking at the Cacti support community > (http://forums.cacti.net). DaZZa, yes, I used to have mrtg chart i/f on a server before, and, I'm getting Cacti charting windoze PC... anyhow, I;ll try Cacti group later, thanks for trying. -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 9:12 am, Tony Sceats wrote: > what if you try to specifiy the Interface OID, with something like > > snmpwalk somehost -v1 -c public 1.3.6.1.2.1.2 Tony, thanks: # snmpwalk localhost -v1 -c public 1.3.6.1.2.1.2 # snmpwalk localhost -v2c -c public 1.3.6.1.2.1.2 IF-MIB::interfaces = No Such Object available on this agent at this OID > Also you should find lots of data here: > /usr/share/snmp/mibs/ yes: # ls /usr/share/snmp/mibs/ AGENTX-MIB.txt NOTIFICATION-LOG-MIB.txt DISMAN-EVENT-MIB.txt RFC1155-SMI.txt DISMAN-SCHEDULE-MIB.txt RFC1213-MIB.txt DISMAN-SCRIPT-MIB.txtRFC-1215.txt EtherLike-MIB.txtRMON-MIB.txt HCNUM-TC.txt SCTP-MIB.txt HOST-RESOURCES-MIB.txt SMUX-MIB.txt HOST-RESOURCES-TYPES.txt SNMP-COMMUNITY-MIB.txt IANA-ADDRESS-FAMILY-NUMBERS-MIB.txt SNMP-FRAMEWORK-MIB.txt IANAifType-MIB.txt SNMP-MPD-MIB.txt IANA-LANGUAGE-MIB.txtSNMP-NOTIFICATION-MIB.txt IANA-RTPROTO-MIB.txt SNMP-PROXY-MIB.txt IF-INVERTED-STACK-MIB.txtSNMP-TARGET-MIB.txt IF-MIB.txt SNMP-USER-BASED-SM-MIB.txt INET-ADDRESS-MIB.txt SNMP-USM-AES-MIB.txt IP-FORWARD-MIB.txt SNMP-USM-DH-OBJECTS-MIB.txt IP-MIB.txt SNMPv2-CONF.txt IPV6-ICMP-MIB.txtSNMPv2-MIB.txt IPV6-MIB.txt SNMPv2-SMI.txt IPV6-TCP-MIB.txt SNMPv2-TC.txt IPV6-TC.txt SNMPv2-TM.txt IPV6-UDP-MIB.txt SNMP-VIEW-BASED-ACM-MIB.txt LM-SENSORS-MIB.txt TCP-MIB.txt MTA-MIB.txt TRANSPORT-ADDRESS-MIB.txt NET-SNMP-AGENT-MIB.txt UCD-DEMO-MIB.txt NET-SNMP-EXAMPLES-MIB.txtUCD-DISKIO-MIB.txt NET-SNMP-EXTEND-MIB.txt UCD-DLMOD-MIB.txt NET-SNMP-MIB.txt UCD-IPFWACC-MIB.txt NET-SNMP-TC.txt UCD-SNMP-MIB.txt NETWORK-SERVICES-MIB.txt UDP-MIB.txt > all which should have been in the net-snmp package anyway, which you can > easily verify what MIBs are available by default > > rpm -ql net-snmp yes, what to look for in this output ? -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 9:07 am, DaZZa wrote: >>> Try creating it as either template type "Local Linux Host" or "ucd/net >>> SNMP host" instead. > They're standard Cacti device templates - when you create the device, > one of the drop-down boxes has a 'Template" option - those two should be in > it - see attached JPG. DaZZa, thanks for the pic, oops, silly me, I was looking under 'associated graph/data' at the bottom. OK, I create a new device, as 'ucd/net snmp host', but, still no go; I get: 1) Linux - Memory Usage 2) Unix - Load Average 3) Unix - Logged in Users 4) Unix - Processes then: 1) SNMP - Interface Statistics Success [0 Items, 0 Rows] 2) Unix - Get Mounted Partitions Success [6 Items, 3 Rows] debug query for I/face stats has: Data Query Debug Information + Running data query [1]. + Found type = '3' [snmp query]. + Found data query XML file at '/var/www/cacti/resource/snmp_queries/interface.xml' + XML file parsed ok. + Executing SNMP walk for list of indexes @ '.1.3.6.1.2.1.2.2.1.1' + No SNMP data returned + Found data query XML file at '/var/www/cacti/resource/snmp_queries/interface.xml' + Found data query XML file at '/var/www/cacti/resource/snmp_queries/interface.xml' + Found data query XML file at '/var/www/cacti/resource/snmp_queries/interface.xml' Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
what if you try to specifiy the Interface OID, with something like snmpwalk somehost -v1 -c public 1.3.6.1.2.1.2 Also you should find lots of data here: /usr/share/snmp/mibs/ all which should have been in the net-snmp package anyway, which you can easily verify what MIBs are available by default rpm -ql net-snmp On Thu, Sep 16, 2010 at 9:00 AM, Voytek Eymont wrote: > > On Thu, September 16, 2010 8:45 am, Tony Sceats wrote: > > you definitely need to setup snmpd.conf, although I'd be surprised if > > decent defaults weren't already there > > > > snmpwalk is a useful utility for debugging this stuff - you should > > basically get every snmp metric available by pointing this at your > > monitored machine, using the right snmp version and credentials of course > > > > On Thu, Sep 16, 2010 at 7:58 AM, Voytek Eymont wrote: > > > Tony, thanks > > the default conf works with default community, I get some info; > I can snmpwalk, just don't seem to see anything (that appears to be NIC) > > # snmpwalk -v 2c localhost -c public system > SNMPv2-MIB::sysDescr.0 = STRING: Linux centos 2.6.18-194.el5 #1 SMP Fri > Apr 2 14:58:35 EDT 2010 i686 > SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 > DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3027643) 8:24:36.43 > SNMPv2-MIB::sysContact.0 = STRING: sysadmin > SNMPv2-MIB::sysName.0 = STRING: centos > ... > > > -- > Voytek > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 8:45 am, Tony Sceats wrote: > you definitely need to setup snmpd.conf, although I'd be surprised if > decent defaults weren't already there > > snmpwalk is a useful utility for debugging this stuff - you should > basically get every snmp metric available by pointing this at your > monitored machine, using the right snmp version and credentials of course > > On Thu, Sep 16, 2010 at 7:58 AM, Voytek Eymont wrote: Tony, thanks the default conf works with default community, I get some info; I can snmpwalk, just don't seem to see anything (that appears to be NIC) # snmpwalk -v 2c localhost -c public system SNMPv2-MIB::sysDescr.0 = STRING: Linux centos 2.6.18-194.el5 #1 SMP Fri Apr 2 14:58:35 EDT 2010 i686 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3027643) 8:24:36.43 SNMPv2-MIB::sysContact.0 = STRING: sysadmin SNMPv2-MIB::sysName.0 = STRING: centos ... -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
On Thu, September 16, 2010 8:10 am, DaZZa wrote: > On Thu, Sep 16, 2010 at 7:58 AM, Voytek Eymont wrote: > Try creating it as either template type "Local Linux Host" or "ucd/net > SNMP host" instead. DaZZa, thanks, it doesn't seem to have such template, perhaps I need to import them, I'll try this later as I must go now, -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
start with the command like snmpwalk to see that snmp is working properly. as netsnmp allows you to not only have snmp v2 communities, but also IP and oid access lists. Dean On 9/15/2010, "Voytek Eymont" wrote: >I've setup a Centos 5 with Cacti, it all seems to work, but, when I try to >get interface info from the Centos host itself, I get nothing, what am I >missing ? > >Centos host is on 192.168.1.40, I've created a 'generic snmp host' in >Catci at 192.168.1.40, but, get "Success" though with "[0 Items, 0 Rows]" > >do I need to specifically enable something in /etc/snmp/snmpd.conf ? > >I'm getting snmp contact stuff, just nothing for the interface > > > >SNMP - Interface Statistics (Verbose Query) Uptime Goes Backwards >Success [0 Items, 0 Rows] > >Data Query Debug Information >+ Running data query [1]. >+ Found type = '3' [snmp query]. >+ Found data query XML file at >'/var/www/cacti/resource/snmp_queries/interface.xml' >+ XML file parsed ok. >+ Executing SNMP walk for list of indexes @ '.1.3.6.1.2.1.2.2.1.1' >+ No SNMP data returned >+ Found data query XML file at >'/var/www/cacti/resource/snmp_queries/interface.xml' >+ Found data query XML file at >'/var/www/cacti/resource/snmp_queries/interface.xml' >+ Found data query XML file at >'/var/www/cacti/resource/snmp_queries/interface.xml' > > >-- >Voytek > >-- >SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ >Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] enabling snmp on NIC ?
you definitely need to setup snmpd.conf, although I'd be surprised if decent defaults weren't already there snmpwalk is a useful utility for debugging this stuff - you should basically get every snmp metric available by pointing this at your monitored machine, using the right snmp version and credentials of course On Thu, Sep 16, 2010 at 7:58 AM, Voytek Eymont wrote: > I've setup a Centos 5 with Cacti, it all seems to work, but, when I try to > get interface info from the Centos host itself, I get nothing, what am I > missing ? > > Centos host is on 192.168.1.40, I've created a 'generic snmp host' in > Catci at 192.168.1.40, but, get "Success" though with "[0 Items, 0 Rows]" > > do I need to specifically enable something in /etc/snmp/snmpd.conf ? > > I'm getting snmp contact stuff, just nothing for the interface > > > > SNMP - Interface Statistics (Verbose Query) Uptime Goes > Backwards > Success [0 Items, 0 Rows] > > Data Query Debug Information > + Running data query [1]. > + Found type = '3' [snmp query]. > + Found data query XML file at > '/var/www/cacti/resource/snmp_queries/interface.xml' > + XML file parsed ok. > + Executing SNMP walk for list of indexes @ '.1.3.6.1.2.1.2.2.1.1' > + No SNMP data returned > + Found data query XML file at > '/var/www/cacti/resource/snmp_queries/interface.xml' > + Found data query XML file at > '/var/www/cacti/resource/snmp_queries/interface.xml' > + Found data query XML file at > '/var/www/cacti/resource/snmp_queries/interface.xml' > > > -- > Voytek > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html