/etc/snmp/snmpd.conf
configuration file. The default snmpd.conf
file shipped with Fedora 20 is heavily commented and serves as a good starting point for agent configuration.
snmpconf
which can be used to interactively generate a valid agent configuration.
snmpwalk
utility described in this section.
Applying the changes
snmpd
service to re-read the configuration by running the following command as root
:
systemctl
reload
snmpd.service
system
tree. For example, the following snmpwalk
command shows the system
tree with a default agent configuration.
~]# snmpwalk -v2c -c public localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux localhost.localdomain 2.6.32-122.el6.x86_64 #1 SMP Wed Mar 9 23:54:34 EST 2011 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (99554) 0:16:35.54
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: localhost.localdomain
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
sysName
object is set to the hostname. The sysLocation
and sysContact
objects can be configured in the /etc/snmp/snmpd.conf
file by changing the value of the syslocation
and syscontact
directives, for example:
syslocation Datacenter, Row 3, Rack 2 syscontact UNIX Admin <admin@example.com>
snmpwalk
command again:
~]#systemct reload snmpd.service
~]#snmpwalk -v2c -c public localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux localhost.localdomain 2.6.32-122.el6.x86_64 #1 SMP Wed Mar 9 23:54:34 EST 2011 x86_64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (158357) 0:26:23.57 SNMPv2-MIB::sysContact.0 = STRING: UNIX Admin <admin@example.com> SNMPv2-MIB::sysName.0 = STRING: localhost.localdomain SNMPv2-MIB::sysLocation.0 = STRING: Datacenter, Row 3, Rack 2
rocommunity
or rwcommunity
directive in the /etc/snmp/snmpd.conf
configuration file. The format of the directives is the following:
directive community [source [OID]]
system
tree to a client using the community string “redhat” on the local machine:
rocommunity redhat 127.0.0.1 .1.3.6.1.2.1.1
snmpwalk
command with the -v
and -c
options.
~]# snmpwalk -v2c -c redhat localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux localhost.localdomain 2.6.32-122.el6.x86_64 #1 SMP Wed Mar 9 23:54:34 EST 2011 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (158357) 0:26:23.57
SNMPv2-MIB::sysContact.0 = STRING: UNIX Admin <admin@example.com>
SNMPv2-MIB::sysName.0 = STRING: localhost.localdomain
SNMPv2-MIB::sysLocation.0 = STRING: Datacenter, Row 3, Rack 2
net-snmp-create-v3-user
command. This command adds entries to the /var/lib/net-snmp/snmpd.conf
and /etc/snmp/snmpd.conf
files which create the user and grant access to the user. Note that the net-snmp-create-v3-user
command may only be run when the agent is not running. The following example creates the “sysadmin” user with the password “redhatsnmp”:
~]#systemctl stop snmpd.service
~]#net-snmp-create-v3-user
Enter a SNMPv3 user name to create: admin Enter authentication pass-phrase: redhatsnmp Enter encryption pass-phrase: [press return to reuse the authentication pass-phrase] adding the following line to /var/lib/net-snmp/snmpd.conf: createUser admin MD5 "redhatsnmp" DES adding the following line to /etc/snmp/snmpd.conf: rwuser admin ~]#systemctl start snmpd.service
rwuser
directive (or rouser
when the -ro
command line option is supplied) that net-snmp-create-v3-user
adds to /etc/snmp/snmpd.conf
has a similar format to the rwcommunity
and rocommunity
directives:
directive user [noauth
|auth
|priv
] [OID]
auth
option). The noauth
option allows you to permit unauthenticated requests, and the priv
option enforces the use of encryption. The authpriv
option specifies that requests must be authenticated and replies should be encrypted.
rwuser admin authpriv .1
.snmp
directory in your user's home directory and a configuration file named snmp.conf
in that directory (~/.snmp/snmp.conf
) with the following lines:
defVersion 3 defSecurityLevel authPriv defSecurityName admin defPassphrase redhatsnmp
snmpwalk
command will now use these authentication settings when querying the agent:
~]$ snmpwalk -v3 localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux localhost.localdomain 2.6.32-122.el6.x86_64 #1 SMP Wed Mar 9 23:54:34 EST 2011 x86_64
[output truncated]