How To Install and Configure SNMP on CentOS

Posted on October 4, 2019 by Justin Palmer | Updated: July 12, 2021

Category: Tutorials | Tags: CentOS, CentOS 6, Command-line, Monitoring, Network, Network Utility, Networking, Port, Security, Simple Network Management Protocol, snmp, SNMPv2c

SNMP 101: The Basics

How To Install and Configure SNMP on CentOS
How To Change the SNMP Port on CentOS

Reading Time: 3 minutes

Introduction

SNMP, or Simple Network Management Protocol, is widely used to communicate with and monitor network devices, dedicated servers, and more, all via IP. In this case, we'll be installing an SNMP agent on a CentOS VPS server, which will allow for collection of data from our server, and make the information available to a remote SNMP manager.

Pre-Flight Check

These instructions are intended for installing SNMP and doing a very basic configuration.
I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I'll be logged in as root.

How To Install and Configure SNMP on CentOS

Install SNMP and SNMP Utilities

Installing SNMP and some optional SNMP utilities is as simple as running one command:

yum -y install net-snmp net-snmp-utils

Add a Basic Configuration for SNMP

Now, let's take the default SNMP configuration file, /etc/snmp/snmpd.conf and move it to an alternate location, /etc/snmp/snmpd.conf.orig.

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

And now we'll create a new /etc/snmp/snmpd.conf:

vim /etc/snmp/snmpd.conf

For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor

Insert the following text into the new /etc/snmp/snmpd.conf

# Map 'idv90we3rnov90wer' community to the 'ConfigUser'
 # Map '209ijvfwer0df92jd' community to the 'AllUser'
 #       sec.name        source          community
 com2sec ConfigUser      default         idv90we3rnov90wer
 com2sec AllUser         default         209ijvfwer0df92jd
 # Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
 # Map 'AllUser' to 'AllGroup' for SNMP Version 2c
 #                       sec.model       sec.name
 group   ConfigGroup     v2c             ConfigUser
 group   AllGroup        v2c             AllUser
 # Define 'SystemView', which includes everything under .1.3.6.1.2.1.1 (or .1.3.6.1.2.1.25.1)
 # Define 'AllView', which includes everything under .1
 #                       incl/excl       subtree
 view    SystemView      included        .1.3.6.1.2.1.1
 view    SystemView      included        .1.3.6.1.2.1.25.1.1
 view    AllView         included        .1
 # Give 'ConfigGroup' read access to objects in the view 'SystemView'
 # Give 'AllGroup' read access to objects in the view 'AllView'
 #                       context model   level   prefix  read            write   notify
 access  ConfigGroup     ""      any     noauth  exact   SystemView      none    none
 access  AllGroup        ""      any     noauth  exact   AllView         none    none

The above text is noted with basic information on the function of each configuration line. In short, we're creating two scenarios for polling information from SNMP version 2c.

Note:

SNMPv2c contains some security enhancements over SNMPv1 but uses the existing SNMPv1 administration structure, which is “community” based. Areas of improvement include: transport mappings, protocol packet types, and MIB structure elements.

In the first scenario: ConfigUser is assigned to ConfigGroup and may only use SNMP security model 2c, ConfigGroup can use the SystemView, SystemView is assigned to two OID sub-trees, and all of this is referenced in an SNMP poll by the secret, and unique community string idv90we3rnov90wer.

In the second scenario: AllUser is assigned to AllGroup and may only use SNMP security model 2c, AllGroup can use the AllView, AllView is assigned to the entire OID tree, and all of this is referenced in an SNMP poll by the secret, and unique community string 209ijvfwer0df92jd.

Note:

Be ABSOLUTELY SURE that you choose a unique community string and replace the community strings in the above examples. Keep each secret, and keep each safe.

Exit vim, and restart the SNMP service to reload the new configuration file:

service snmpd restart

Configure SNMP to start when the server boots:

chkconfig snmpd on

Test the SNMP Configuration

Now let's test the SNMP configuration... try running the following two commands.

snmpwalk -v 2c -c idv90we3rnov90wer -O e 127.0.0.1

snmpwalk -v 2c -c 209ijvfwer0df92jd -O e 127.0.0.1

Note:

The default port for SNMP is 161 and 162. If you’re going to connect to SNMP from a remote server, be sure your server’s firewall has the appropriate ports open.

The result for your first command should be about 33 lines, and contain some basic system information. The result for the second command should contain a lot more information about your system, and will likely be thousands of lines.

When a standard Cloud VPS is not enough, a cloud dedicated server hosting platform is a dream come true. Additionally, a Liquid Web HIPAA compliant server hosting platform outmatches the competition on both performance and security. Check out how our Dedicated Servers can skyrocket your site’s performance.

Give us a call at 800.580.4985, or open a chat or ticket with us to speak with one of our knowledgeable Solutions or Experienced Hosting advisors to learn how you can take advantage of these techniques today!

Series Navigation

Next Article >>