Dies ist eine alte Version des Dokuments!
Icinga 2 - Netzwerkmonitoring mit Hilfe von SNMP
SNMP1) ist ein, von der IETF entwickeltes, Netzwerkprotokoll um Netzwerkelemente (Server, Switche, Router, Drucker, Rechner etc.) von einer zentralen Station aus überwachen und steuern zu können. Weiter Informationen findet man im folgenden Wikipedia-Artikel.
Bei dem folgendem Konfigurationsbeispiel wollen wir uns die Konfiguration von snmp unter CentOS 7 etwas genauer ansehen. Ziel wird sein den Netzwerktraffic einzelner Ports auf unserem Netzwerkswitch zu überwachen.
Konfiguration Netzwerkswitch
In diesem Konfigurationsbeispiel werden wir an einem tp-link Jetstream-48-Port-Gigabit-Smart-PoE+-Switch T1600G-52PS zuerst einmal die Einstellungen für den SNMP-Zugriff einrichten. Wichtige Hinweise finden sich hierzu in der User Guide des Switches.
Entsprechend der Dokumentation erstellen wir die beiden Engine IDs
und aktivieren SNMP
in der Global Config.
Als nächstes definieren wir uns eine SNMP-Gruppe mit Security-Level v3.
Im Anschluss erfolgt dann die Konfiguration unseres SNMP-Users, den wir ebenfalls als Security-Level v3 festlegen und der zu vor erstellten SNMP-Gruppe zuweisen.
SNMP-Clientkonfiguration des CentOS 7 Hosts
Zur Abfrage unseres Netzwerkswitchs auf der Konsole unseres [[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-system_monitoring_tools-net-snmp|CentOS 7 Hosts] werden wir die beiden Befehle snmpwalk
und snmpget
verwenden. Diese finden sich in dem RPM net-snmp-utils.
Wir installieren also dieses Paket mit Hilfe des Paketverwaltungstool YUM.
# yum install net-snmp-utils
snmpwalk (Version 3)
Mit Hilfe von snmpwalk
können wir den Informationsbaum einer Netzwerkeinheit abfragen. Näheres zu dem Befehl finden wir in der zugehörigen Manpage.
# man snmpwalk
SNMPWALK(1) Net-SNMP SNMPWALK(1) NAME snmpwalk - retrieve a subtree of management values using SNMP GETNEXT requests SYNOPSIS snmpwalk [APPLICATION OPTIONS] [COMMON OPTIONS] AGENT [OID] DESCRIPTION snmpwalk is an SNMP application that uses SNMP GETNEXT requests to query a network entity for a tree of information. An object identifier (OID) may be given on the command line. This OID specifies which portion of the object identifier space will be searched using GETNEXT requests. All variables in the subtree below the given OID are queried and their values pre‐ sented to the user. Each variable name is given in the format specified in variables(5). If no OID argument is present, snmpwalk will search the subtree rooted at SNMPv2-SMI::mib-2 (including any MIB object values from other MIB modules, that are defined as lying within this subtree). If the network entity has an error processing the request packet, an error packet will be returned and a message will be shown, helping to pinpoint why the request was mal‐ formed. If the tree search causes attempts to search beyond the end of the MIB, the message "End of MIB" will be displayed. OPTIONS -Cc Do not check whether the returned OIDs are increasing. Some agents (LaserJets are an example) return OIDs out of order, but can complete the walk anyway. Other agents return OIDs that are out of order and can cause snmpwalk to loop indefinitely. By default, snmpwalk tries to detect this behavior and warns you when it hits an agent acting illegally. Use -Cc to turn off this check. -CE {OID} End the walk at the specified OID, rather than a simple subtree. This can be used to walk a partial subtree, selected columns of a table, or even two or more tables within a single command. -Ci Include the given OID in the search range. Normally snmpwalk uses GETNEXT requests starting with the OID you speci‐ fied and returns all results in the MIB subtree rooted at that OID. Sometimes, you may wish to include the OID speci‐ fied on the command line in the printed results if it is a valid OID in the tree itself. This option lets you do this explicitly. -CI In fact, the given OID will be retrieved automatically if the main subtree walk returns no useable values. This allows a walk of a single instance to behave as generally expected, and return the specified instance value. This option turns off this final GET request, so a walk of a single instance will return nothing. -Cp Upon completion of the walk, print the number of variables found. -Ct Upon completion of the walk, print the total wall-clock time it took to collect the data (in seconds). Note that the timer is started just before the beginning of the data request series and stopped just after it finishes. Most impor‐ tantly, this means that it does not include snmp library initialization, shutdown, argument processing, and any other overhead. In addition to these options, snmpwalk takes the common options described in the snmpcmd(1) manual page. EXAMPLES Note that snmpbulkget REQUIRES an argument specifying the agent to query and at most one OID argument, as described there. The command: snmpwalk -Os -c public -v 1 zeus system will retrieve all of the variables under system: sysDescr.0 = STRING: "SunOS zeus.net.cmu.edu 4.1.3_U1 1 sun4m" sysObjectID.0 = OID: enterprises.hp.nm.hpsystem.10.1.1 sysUpTime.0 = Timeticks: (155274552) 17 days, 23:19:05 sysContact.0 = STRING: "" sysName.0 = STRING: "zeus.net.cmu.edu" sysLocation.0 = STRING: "" sysServices.0 = INTEGER: 72 (plus the contents of the sysORTable). The command: snmpwalk -Os -c public -v 1 -CE sysORTable zeus system will retrieve the scalar values, but omit the sysORTable. SEE ALSO snmpcmd(1), snmpbulkwalk(1), variables(5). V5.7.2 28 May 2007 SNMPWALK(1)
# snmpwalk -v3 -l authPriv -u monwalk -a SHA -A 1mi55MY8357fr13nd511V14 -x DES -X 1mi55MY8357fr13nd511V14 10.10.10.106
SNMPv2-MIB::sysDescr.0 = STRING: JetStream 48-Port Gigabit Smart PoE Switch with 4 SFP Slots SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.11863.5.38 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1690156216) 195 days, 14:52:42.16 SNMPv2-MIB::sysContact.0 = STRING: django@mailserver.guru SNMPv2-MIB::sysName.0 = STRING: switch_intranet SNMPv2-MIB::sysLocation.0 = STRING: 933k - HE 07 SNMPv2-MIB::sysServices.0 = INTEGER: 3 IF-MIB::ifNumber.0 = INTEGER: 53 IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.49153 = INTEGER: 49153 IF-MIB::ifIndex.49154 = INTEGER: 49154 IF-MIB::ifIndex.49155 = INTEGER: 49155 IF-MIB::ifIndex.49156 = INTEGER: 49156 ...
snmpget (Version 3)
snmpget
ist eine SNMP-Anwendung, die die SNMP-GET-Anforderung zur Abfrage von Informationen über eine Netzwerkeinheit verwendet. Eine oder mehrere Objektkennungen (OIDs) können als Argumente auf der Befehlszeile angegeben werden.
Näheres zu dem Befehl finden wir auch hier in der zugehörigen Manpage.
# man snmpget
SNMPGET(1) Net-SNMP SNMPGET(1) NAME snmpget - communicates with a network entity using SNMP GET requests SYNOPSIS snmpget [COMMON OPTIONS] [-Cf] AGENT OID [OID]... DESCRIPTION snmpget is an SNMP application that uses the SNMP GET request to query for information on a network entity. One or more object identifiers (OIDs) may be given as arguments on the command line. Each variable name is given in the format specified in variables(5). OPTIONS -Cf If -Cf is not specified, some applications (snmpdelta, snmpget, snmpgetnext and snmpstatus) will try to fix errors returned by the agent that you were talking to and resend the request. The only time this is really useful is if you specified a OID that didn't exist in your request and you're using SNMPv1 which requires "all or nothing" kinds of requests. In addition to this option, snmpget takes the common options described in the snmpcmd(1) manual page. Note that snmpget REQUIRES an argument specifying the agent to query and at least one OID argument, as described there. EXAMPLES The command: snmpget -c public zeus system.sysDescr.0 will retrieve the variable system.sysDescr.0 from the host zeus using the community string public : system.sysDescr.0 = "SunOS zeus.net.cmu.edu 4.1.3_U1 1 sun4m" If the network entity has an error processing the request packet, an error packet will be returned and a message will be shown, helping to pinpoint in what way the request was malformed. If there were other variables in the request, the request will be resent without the bad variable. Here is another example. The -c and -v options are defined in the snmpcmd(1) manual page. (Note that system.sysUpTime is an incomplete OID, as it needs the .0 index appended to it): snmpget -v1 -Cf -c public localhost system.sysUpTime system.sysContact.0 This example will return the following: Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: system.sysUpTime Similarly, the command: snmpget -v1 -c public localhost system.sysUpTime system.sysContact.0 Will return: Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: system.sysUpTime system.sysContact.0 = STRING: root@localhost With the -Cf flag specified the application will not try to fix the PDU for you. SEE ALSO snmpcmd(1), snmpwalk(1), variables(5). V5.7.2 18 Jun 2007 SNMPGET(1)
In folgendem Beispiel wollen wir den Hostnamen des Switchs erfragen. Hierzu nutzen wir den Parameter sysName.0
.
# snmpget -v3 -l authPriv -u monwalk -a SHA -A 1mi55MY8357fr13nd511V14 -x DES -X 1mi55MY8357fr13nd511V14 10.10.10.106 sysName.0
SNMPv2-MIB::sysName.0 = STRING: switch_ug
Natürlich können wir auch mehrere Werte abfragen, wie z.B. den Einbauort mit sysLocation.0
und die Updime des Switch mit system.sysUpTime.0
.
# snmpget -v3 -l authPriv -u monwalk -a SHA -A 1mi55MY8357fr13nd511V14 -x DES -X 1mi55MY8357fr13nd511V14 \ 10.10.10.106 sysLocation.0 system.sysUpTime.0
SNMPv2-MIB::sysLocation.0 = STRING: 933k - HE 07 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1690245443) 195 days, 15:07:34.43