How to implement SNMP monitoring to augment network monitoring tools

Network monitoring tools put agents on the devices they track. Augment this data by enabling SNMP monitoring on devices that don't support agents.

SNMP monitoring allows network administrators to keep tabs on all of their network devices, even those that cannot support monitoring agents.

Network monitoring tools, such as Nagios and Zabbix, drop an agent on each device they track. Certain network routers, appliances and other devices won't support an agent. SNMP, or simple network management protocol, is an alternative to agents for network monitoring, and most tools integrate SNMP information if you initiate it.

The SNMP network monitoring standard runs on appliances and embedded devices, as well as generic servers. While many devices support SNMP monitoring, it's usually turned off by default. Go into the device's configuration information to switch on SNMP support.

How to find SNMP monitoring parameters

To start monitoring your network with SNMP, try the open source Net-SNMP functionality test tool. It is available for most Linux distributions, or you can install it with a local package installer, such as zypper install net-snmp on OpenSUSE.

Linux also offers several generic tools to test SNMP. To use these tools against an SNMP daemon that runs on a Linux box, configure the snmpd process to accept connections from machines other than just localhost. Open the configuration file /etc/snmp/snmp.conf and make sure it includes:

agentAddress udp:161,udp6:[::1]:161
rocommunity public default

Restart the snmpd service, and then call up status information using the snmpstatus command:

[[email protected] ~]# snmpstatus -v 2c -c public
[UDP: []:161->[]:60891]=>[Linux susemanagerdemo 3.4.6-2.10-desktop #1 SMP PREEMPT Thu Jul 26 09:36:26 UTC 2012 (641c197) x86_64] Up: 0:05:28.42
Interfaces: 0, Recv/Trans packets: 0/0 | IP: 0/0

Object IDs (OIDs) are the parameters of a device that SNMP can manage. OIDs are documented in the Management Information Base (MIB). Use the snmpwalk command to obtain a list of all the OID parameters a device offers:

[[email protected] ~]# snmpwalk -v 2c -c public
SNMPv2-MIB::sysDescr.0 = STRING: Linux susemanagerdemo 3.4.6-2.10-desktop #1 SMP PREEMPT Thu Jul 26 09:36:26 UTC 2012 (641c197) x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (68713) 0:11:27.13
SNMPv2-MIB::sysContact.0 = STRING: Me <[email protected]>SNMPv2-MIB::sysName.0 = STRING: susemanagerdemo
SNMPv2-MIB::sysLocation.0 = STRING: Sitting on the Dock of the Bay
SNMPv2-MIB::sysServices.0 = INTEGER: 72
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDMIBObjects.3.1.1
SNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.6 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.9 = OID: SNMP-NOTIFICATION-MIB::snmpNotifyFullCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.3 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.6 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.7 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.8 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.9 = STRING: The MIB modules for managing SNMP Notification, plus filtering.
SNMPv2-MIB::sysORDescr.10 = STRING: The MIB module for logging SNMP Notifications.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.9 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.10 = Timeticks: (1) 0:00:00.01
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (171232) 0:28:32.32
HOST-RESOURCES-MIB::hrSystemDate.0 = STRING: 2013-1-5,10:34:35.0,+1:0
HOST-RESOURCES-MIB::hrSystemInitialLoadDevice.0 = INTEGER: 1536
HOST-RESOURCES-MIB::hrSystemInitialLoadParameters.0 = STRING: "BOOT_IMAGE=/vmlinuz-3.4.6-2.10-desktop root=UUID=743d86bf-1b4c-4898-8190-439aead4bd1f video=1366x768 resume=/dev/disk/by-id/ata-"
HOST-RESOURCES-MIB::hrSystemNumUsers.0 = Gauge32: 3
HOST-RESOURCES-MIB::hrSystemProcesses.0 = Gauge32: 85
HOST-RESOURCES-MIB::hrSystemMaxProcesses.0 = INTEGER: 0
HOST-RESOURCES-MIB::hrSystemMaxProcesses.0 = No more variables left in this MIB View (It is past the end of the MIB tree)

Different MIBs house the specified OIDs for a device. You can learn more about the device's parameters by digging into the OIDs. For example, the sysName.0 OID appears in the snmpwalk output line: "SNMPv2-MIB::sysName.0 = STRING: susemanagerdemo". This OID comes from the SNMPv2-MIB and has the value "STRING:susemanagerdemo".

To find out more about a specific OID, use the snmpget command:

[[email protected] ~]# snmpget -v 2c -c public -Of SNMPv2-MIB::sysName.0
.iso.org.dod.internet.mgmt.mib-2.system.sysName.0 = STRING: susemanagerdemo

This command shows you the worldwide unique identifier for the OID, in this case: ".iso.org.dod.internet.mgmt.mib-2.system.sysName.0". This identifier appears quite frequently in its numeric notation as well, which you can request via the snmpget command with the -On parameter:

[[email protected] ~]# snmpget -v 2c -c public -On SNMPv2-MIB::sysName.0
. = STRING: susemanagerdemo

With this understanding of SNMP in Linux environments, network administrators can tell their network monitoring tool of choice to automatically monitor SNMP devices, providing deeper insight into network operations.

About the author:

Sander van Vugt is an independent trainer and consultant based in the Netherlands. He is an expert in Linux high availability, virtualization and performance. He has authored many books on Linux topics, including Beginning the Linux Command LineBeginning Ubuntu LTS Server Administration and Pro Ubuntu Server Administration.

[email protected]

Dig Deeper on SDN and other network strategies