II. How To Change the SNMP Port on CentOS
SNMP, or Simple Network Management Protocol, is widely used to communicate with and monitor network devices, servers, and more, all via IP. In this case, we’ll be installing an SNMP agent on a CentOS 6.5 server, which will allow for collection of data from our server, and make the information available to a remote SNMP manager.
- These instructions are intended for installing SNMP and doing a very basic configuration.
- I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
Install SNMP and SNMP Utilities
Installing SNMP and some optional SNMP utilities is as simple as running one command:
yum -y install net-snmp net-snmp-utils
Add a Basic Configuration for SNMP
Now, let’s take the default SNMP configuration file, /etc/snmp/snmpd.conf and move it to an alternate location, /etc/snmp/snmpd.conf.orig.
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
And now we’ll create a new /etc/snmp/snmpd.conf:
Insert the following text into the new /etc/snmp/snmpd.conf
# Map 'idv90we3rnov90wer' community to the 'ConfigUser'
# Map '209ijvfwer0df92jd' community to the 'AllUser'
# sec.name source community
com2sec ConfigUser default idv90we3rnov90wer
com2sec AllUser default 209ijvfwer0df92jd
# Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
# Map 'AllUser' to 'AllGroup' for SNMP Version 2c
# sec.model sec.name
group ConfigGroup v2c ConfigUser
group AllGroup v2c AllUser
# Define 'SystemView', which includes everything under .188.8.131.52.2.1.1 (or .184.108.40.206.220.127.116.11)
# Define 'AllView', which includes everything under .1
# incl/excl subtree
view SystemView included .18.104.22.168.2.1.1
view SystemView included .22.214.171.124.126.96.36.199.1
view AllView included .1
# Give 'ConfigGroup' read access to objects in the view 'SystemView'
# Give 'AllGroup' read access to objects in the view 'AllView'
# context model level prefix read write notify
access ConfigGroup "" any noauth exact SystemView none none
access AllGroup "" any noauth exact AllView none none
The above text is noted with basic information on the function of each configuration line. In short, we’re creating two scenarios for polling information from SNMP version 2c.
In the first scenario: ConfigUser is assigned to ConfigGroup and may only use SNMP security model 2c, ConfigGroup can use the SystemView, SystemView is assigned to two OID sub-trees, and all of this is referenced in an SNMP poll by the secret, and unique community string idv90we3rnov90wer.
In the second scenario: AllUser is assigned to AllGroup and may only use SNMP security model 2c, AllGroup can use the AllView, AllView is assigned to the entire OID tree, and all of this is referenced in an SNMP poll by the secret, and unique community string 209ijvfwer0df92jd.
Exit vim, and restart the SNMP service to reload the new configuration file:
service snmpd restart
Configure SNMP to start when the server boots:
chkconfig snmpd on
Test the SNMP Configuration
Now let’s test the SNMP configuration… try running the following two commands:
snmpwalk -v 2c -c idv90we3rnov90wer -O e 127.0.0.1
snmpwalk -v 2c -c 209ijvfwer0df92jd -O e 127.0.0.1
The result for your first command should be about 33 lines, and contain some basic system information. The result for the second command should contain a lot more information about your system, and will likely be thousands of lines.
Tagged with: centos • centos 6 • monitoring • security • snmp • SNMPv2c