Log in with one-time password
1
Enter Email address
2
Generate Password
3
Enter Password
New users please click here to register!
Mutiny

Setting up SNMP

In order to get the most out of your installation it is preferable to have your systems ready for SNMP Monitoring.

Vendors that provide SNMP management support have different methods for enabling the service and access to it.

We aim to assist in the set-up of common systems here, but you may need to refer to manufacturers documentation in some cases.

Before embarking on a roll-out of SNMP please refer to our SNMP security guidelines at
https://www.mutiny.com/PDFs/GuidelinePolicyOnTheUseOfSNMP.pdf

Terms

Manager - The ipaddress of the monitoring system
Community String - access password for the service
Read Only - as it suggests this is a restriction on the ability to send configuration commands
Read Write - Allows configuration changes . NOT required for Mutiny installations
Traps - Alert messages sent by the device. Point to Mutiny address.

Windows 2000/2003 Servers

With windows 2000 the SNMP service is normally installed and running with "public" as the community string and no restriction on access.

If not installed the service can be added from;
[Control Panels]=>[Add or Remove Programs]=>[Windows Components]=>[Management & Monitoring Tools]=>[Simple Network Management Protocol]

Without some minor configuration your Windows 2003 servers are not fully discovered.
This is because the default security on 2003 is tighter.

To allow Mutiny to monitor 2003 SNMP do the following;

1. Connect to your 2003 server as administrator and open the "Services" snap-in and scroll down to the SNMP service.
2. Select the |Security| tab and you will see 2 sections.
3. In the upper section you can define the SNMP Community String (password). Windows 2000 used "public".
4. In the lower section use the [Add] button to add the IP address of the Mutiny server.
5. Apply the changes and close the properties window.
6. Right click on the SNMP service and select "Restart" to effect the changes.

Link to HP Insight agents for HP hardware monitoring.

Windows 2008/2012 Servers

As 2003 but you need to add the service from the add service/features and you also need to edit the firewall policy to allow domain access to the SNMP service for polling.

Linux Hosts

Most linux distributions use NET SNMP as the default installed SNMP agent, generally all that is required to make these work is to know the community string that has been set up. However, the standard config files do not provide much more than basic system information and therefore we have provided a set of configuration files that you can edit to give you CPU disk and memory values were available. snmp configuration files.

Checkpoint Firewall

General SNMP info

How_To_Configure_SNMP_on_IP_Appliances.pdf

Cisco IOS

There are a few options regarding access control lists etc, but basically do the following;

1. Telnet to your device and login with your password.
2. type "en" and return to enter enabled mode.
3. Enter your enable password.
4. Type "sh run" to display the running config. Look for the line "snmp-server community ....." to see if the service is already configured, if not;
5. type "conf t" to enter config mode from a terminal.
6. paste in the following lines one at a time. Comments in italics

access-list 10 permit (mutinyipaddress)
make sure access list 10 is not already used in the running config choose another number if necessary and use the number at the end of the next command.
snmp-server community public ro 10
logging trap warnings

7. do a ctrl-Z to leave config mode.
8. type "copy run star" to write the config to the startup config.
9. Type "exit" to leave

The command "logging trap warnings" adds additional alert traps to be sent to mutiny some useful ones include;

  • Authentication failures
  • Configuration changes
  • Transient link failures

Cisco Nexus

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/sm_snmp.html

VMware ESX Server

VMware includes SNMP monitoring it just needs a small amount of configuration.

1. Enable or install SNMP on VMware; Documentation
see also; this KB article that includes the firewall settings.

VMware ESXi 5/6 (does not apply to free hypervisor version)

Using the Vsphere remote cli run the following commands to the host;

vicfg-snmp.pl --server hostname --username username --password password -c public

vicfg-snmp.pl --server hostname --username username --password password --enable

Replace public with the community name you wish to set. Each time you specify a community with this command, the settings you specify overwrite the previous configuration.

The two commands above should be enough to enable the host. Then either add the host to mutiny or reset polling with recalculate thresholds if it already exists.

The following command is useful if you need to use a custom SNMP port

vicfg-snmp.pl --server hostname --username username --password password -p 161

To send traps to mutiny use

vicfg-snmp.pl --server hostname --username username --password password -t your.mutiny.add@162/public

Remember to add the Mutiny Trap agent to the list of agents on the node in Mutiny.

further reading at; vSphere Documentation Centre

Citrix Xenserver

http://support.citrix.com/article/CTX122337

Other sources of reference

http://www.net-snmp.org/wiki/index.php/Main_Page#The_Net-SNMP_Wiki NET-SNMP for unix variants