SNMP - marko4449/Documentation2 GitHub Wiki
SNMPv3 authentication with clients
check why opennms takes too long to startup
grafana
production server püsti
refresh rate node leidmisel
SNMP works on port 161 UDP, operates in the application layer.
Traps and InformRequests work on port 162.
Trap- when the information is sent to the server without a query. For example: a machine is down.
InformRequests - Since UDP doesn't confirm that a packet is sent back then this is where informrequest comes in. It fixes this by sending back an aknowledgement receipt.
Agent - a process that monitors devices for problems and sends alerts to a monitoring station. community strings - similar to passwords.
polling - nms that asks devices for their status
management station - software configure to receive and collect information sent from SNMP agents.
Management information base(MIB) - database used for managing the entities in a communication network.
GET - request sent by the manager
GET NEXT - retrieves the next value in the MIB tree
Version 1,2 - poor security, authentication is performed by a community string(factory shipped machines have a read only string set as "public").
Version 2c - most commonly used, enhanced protocol handling.
Version 3 - added security feature(authentication) but more complex to configure.
ufw allow snmp/udp
vim etc/snmp/snmpd.conf
rocommunity public
agentaddress udp:127.0.0.1 comment in
agentaddress udp:161 comment out
apt-get install libsnmp-dev
systemctl stop snmpd
net-snmp-config --create-snmpv3-user -ro -A $parool $kasutaja
net-snmp-config --create-snmpv3-user -ro -a SHA -x $privpass -X AES -A $parool $kasutaja
-ro = read only
testing if it was setup properly.
snmpwalk -u $kasutaja -A $parool -a MD5/SHA -l authnoPriv $ip -v3
noAuthNoPriv - This security level simply means that there is no authentication password exchanged and the communications between the agent and the server are not encrypted. The SNMP requests are authorized based on a simple username string match.
authNoPriv - password authentication is used based on either MD5 or SHA hash authentication and no encryption is used for communications between the devices.
authPriv - authentication is hash based the same as #2 but the communications between the agent and the server are also encrypted. the encryption of the traffic between the two nodes will required a crypto software image on the devices.
If the graphs arent showing at all(gray screen) check the rrdtool if its set to 1.2 not 1.0
Centos snmp user file: /var/lib/net-snmp/snmpd.conf
Debian snmp user file: /var/lib/snmp/snmpd.conf
https://wiki.opennms.org/wiki/Upgrade_Guide:_20_to_21
If the dashboard isn't working then follow these instructions:
`systemctl stop opennms`
`cd /usr/share/opennms/data`
`rm -rf *`
`systemctl start opennms`
Other potential fix is to enable cache clean
vim /etc/opennms/system.properties
karaf.clean.cache = true
Iptable
iptables -I INPUT -p tcp -m tcp --dport 8980 -j ACCEPT
snmptrapd -A -Lf /var/log/snmptrapd.log -p /var/run/snmptrapd.pid
https://www.linuxquestions.org/questions/linux-server-73/sending-snmp-traps-849980/
for the availablity view on the start page its 99.99 & 97 in categories.xml.
vim /etc/opennms/poller-configuration.xml
/var/lib/opennms/mibs/pending