How To Install and Configure SNMP on CentOS

SNMP 101: The Basics
I. How To Install and Configure SNMP on CentOS
II. How To Change the SNMP Port on CentOS

Introduction

SNMP, or Simple Network Management Protocol, is widely used to communicate with and monitor network devices, servers, and more, all via IP. In this case, we’ll be installing an SNMP agent on a CentOS 6.5 server, which will allow for collection of data from our server, and make the information available to a remote SNMP manager.

Pre-Flight Check

  • These instructions are intended for installing SNMP and doing a very basic configuration.
  • I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.

Install SNMP and SNMP Utilities

Installing SNMP and some optional SNMP utilities is as simple as running one command:

yum -y install net-snmp net-snmp-utils

Add a Basic Configuration for SNMP

Now, let’s take the default SNMP configuration file, /etc/snmp/snmpd.conf and move it to an alternate location, /etc/snmp/snmpd.conf.orig.

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

And now we’ll create a new /etc/snmp/snmpd.conf:

vim /etc/snmp/snmpd.conf

For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor

Insert the following text into the new /etc/snmp/snmpd.conf

# Map 'idv90we3rnov90wer' community to the 'ConfigUser'
# Map '209ijvfwer0df92jd' community to the 'AllUser'
#       sec.name        source          community
com2sec ConfigUser      default         idv90we3rnov90wer
com2sec AllUser         default         209ijvfwer0df92jd
# Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
# Map 'AllUser' to 'AllGroup' for SNMP Version 2c
#                       sec.model       sec.name
group   ConfigGroup     v2c             ConfigUser
group   AllGroup        v2c             AllUser
# Define 'SystemView', which includes everything under .1.3.6.1.2.1.1 (or .1.3.6.1.2.1.25.1)
# Define 'AllView', which includes everything under .1
#                       incl/excl       subtree
view    SystemView      included        .1.3.6.1.2.1.1
view    SystemView      included        .1.3.6.1.2.1.25.1.1
view    AllView         included        .1
# Give 'ConfigGroup' read access to objects in the view 'SystemView'
# Give 'AllGroup' read access to objects in the view 'AllView'
#                       context model   level   prefix  read            write   notify
access  ConfigGroup     ""      any     noauth  exact   SystemView      none    none
access  AllGroup        ""      any     noauth  exact   AllView         none    none

The above text is noted with basic information on the function of each configuration line. In short, we’re creating two scenarios for polling information from SNMP version 2c.

Note: SNMPv2c contains some security enhancements over SNMPv1 but uses the existing SNMPv1 administration structure, which is “community” based. Areas of improvement include: transport mappings, protocol packet types, and MIB structure elements.

In the first scenario: ConfigUser is assigned to ConfigGroup and may only use SNMP security model 2c, ConfigGroup can use the SystemView, SystemView is assigned to two OID sub-trees, and all of this is referenced in an SNMP poll by the secret, and unique community string idv90we3rnov90wer.

In the second scenario: AllUser is assigned to AllGroup and may only use SNMP security model 2c, AllGroup can use the AllView, AllView is assigned to the entire OID tree, and all of this is referenced in an SNMP poll by the secret, and unique community string 209ijvfwer0df92jd.

Important Tip: Be ABSOLUTELY SURE that you choose a unique community string and replace the community strings in the above examples. Keep each secret, and keep each safe.

Exit vim, and restart the SNMP service to reload the new configuration file:

service snmpd restart

Configure SNMP to start when the server boots:

chkconfig snmpd on

Test the SNMP Configuration

Now let’s test the SNMP configuration… try running the following two commands:

snmpwalk -v 2c -c idv90we3rnov90wer -O e 127.0.0.1
snmpwalk -v 2c -c 209ijvfwer0df92jd -O e 127.0.0.1

Note: The default port for SNMP is 161 and 162. If you’re going to connect to SNMP from a remote server, be sure your server’s firewall has the appropriate ports open.

The result for your first command should be about 33 lines, and contain some basic system information. The result for the second command should contain a lot more information about your system, and will likely be thousands of lines.

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.