In order to get the most out of your installation, it is preferable to have your systems ready for SNMP Monitoring.

Vendors that provide SNMP management support have different methods for enabling the service and access to it.

We aim to assist in the set-up of common systems here, but you may need to refer to manufacturers documentation in some cases.

Before embarking on a roll-out of SNMP please refer to our SNMP security guidelines at www.mutiny.com/PDFs/GuidelinePolicyOnTheUseOfSNMP.pdf

Using SNMP v3  https://mutiny.freshdesk.com/a/solutions/articles/13000067880

Terms

Manager - The IP address of the monitoring system
Community String - access password for the service
Read Only - as it suggests this is a restriction on the ability to send configuration commands
Read Write - Allows configuration changes. NOT required for Mutiny installations
Traps - Alert messages sent by the device. Point to Mutiny address.

Windows Servers

With windows 2000 the SNMP service is normally installed and running with "public" as the community string and no restriction on access.

If not installed the service can be added from;
[Control Panels]=>[Add or Remove Programs]=>[Windows Components]=>[Management & Monitoring Tools]=>[Simple Network Management Protocol]

You may need to add the service from the add service/features and you also need to edit the firewall policy to allow domain access to the SNMP service for polling.

1. Connect to your server as an administrator and open the "Services" snap-in and scroll down to the SNMP service.
2. Select the |Security| tab and you will see 2 sections.
3. In the upper section you can define the SNMP Community String (password). Windows 2000 used "public".
4. In the lower section use the [Add] button to add the IP address of the Mutiny server.
5. Apply the changes and close the properties window.
6. Right-click on the SNMP service and select "Restart" to effect the changes.

Link to HP Insight agents for HP hardware monitoring.


Linux Hosts

Most Linux distributions use NET SNMP as the default installed SNMP agent, generally, all that is required to make these work is to know the community string that has been set up. However, the standard config files do not provide much more than basic system information and therefore we have provided a set of configuration files that you can use to give you CPU disk and memory values where available. snmp configuration files.

Find where your Net-SNMP configuration files are located – normally “/etc/snmp”.

Copy from the archive, the files “snmpd.conf” & “snmpd.local.conf” to this directory, overwriting any files of the same name that are there already.

- If necessary, use an editor of your choice to change the SNMP Community String (on lines 8 & 9) of the file “snmpd.conf”, from the default “public”, to the string of your choice (note these strings are case-sensitive).

- In the file “snmpd.local.conf”, you should change the “sysLocation” and “sysContact”, from the defaults, to their correct values for your system.

- Next you need to restart the snmpd daemon:

# /etc/init.d/snmpd restart.

Checkpoint Firewall

General SNMP info

How_To_Configure_SNMP_on_IP_Appliances.pdf

Cisco IOS

Try these steps outlined on this page


https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-book/nm-snmp-snmpv3.html#GUID-E9B523ED-2DEE-44AE-BBEC-ABE75EF40B2A


There are a few options regarding access control lists etc, but basically do the following;

1. Telnet to your device and login with your password.
2. type "en" and return to enter enabled mode.
3. Enter your enable password.
4. Type "sh run" to display the running config. Look for the line "snmp-server community ....." to see if the service is already configured, if not;
5. type "conf t" to enter config mode from a terminal.
6. paste in the following lines one at a time. Comments in italics

access-list 10 permit (mutinyipaddress)
make sure access list 10 is not already used in the running config choose another number if necessary and use the number at the end of the next command.
snmp-server community public ro 10
logging trap warnings

7. do a ctrl-Z to leave config mode.
8. type "copy run star" to write the config to the startup config.
9. Type "exit" to leave

The command "logging trap warnings" adds additional alert traps to be sent to mutiny some useful ones include;

  • Authentication failures
  • Configuration changes
  • Transient link failures

Cisco Nexus

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/sm_snmp.html

VMware ESX Server

VMware includes SNMP monitoring it just needs a small amount of configuration.

1. Enable or install SNMP on VMware; Documentation
see also; this KB article that includes the firewall settings.

VMware ESXi 6+ (does not apply to free hypervisor version)

First enable the SSH service on the Host.

Then shell on with your root user account and run the following commands:

SNMPv1/v2c

esxcli system snmp set -r
esxcli system snmp set -c public (or your chosen community string)
esxcli system snmp set -p 161
esxcli system snmp set -L "Location etc"
esxcli system snmp set -C your.email@example.com
esxcli system snmp set -e yes


SNMPv3 

(Using the example credentials, user: ESXv3user auth password: v3authpass ptiv password v3privpass)

esxcli system snmp set -e yes

esxcli system snmp set --privacy AES128

esxcli system snmp set --authentication SHA1

esxcli system snmp hash --auth-hash v3authpass --priv-hash v3privpass --raw-secret

(The previous command returns the following hash(s) needed in the next command)

Authhash: 7cc615dff865dfb1ef88b5f0b40c835888e6ec8b

 Privhash: 79d6b14a6d8532d34d6a6e063486fbf145dac05f


Now setup the user

(command is: esxcli system snmp set --users youruser/Authhash/Privhash/priv )

esxcli system snmp set --users ESXv3user/7cc615dff865dfb1ef88b5f0b40c835888e6ec8b/79d6b14a6d8532d34d6a6e063486fbf145dac05f/priv

 

Now set up the mutiny node with the same credentials.


VMware ESXi 5, 5.5 (does not apply to free hypervisor version)

Using the Vsphere remote cli run the following commands to the host:

vicfg-snmp.pl --server hostname --username username --password password -c public

vicfg-snmp.pl --server hostname --username username --password password --enable

Replace public with the community name you wish to set. Each time you specify a community with this command, the settings you specify overwrite the previous configuration.
 
The two commands above should be enough to enable the host. Then either add the host to mutiny or reset polling with recalculate thresholds if it already exists.
 
The following command is useful if you need to use a custom SNMP port

vicfg-snmp.pl --server hostname --username username --password password -p 161

To send traps to mutiny use

vicfg-snmp.pl --server hostname --username username --password password -t your.mutiny.add@162/public

Remember to add the Mutiny Trap agent to the list of agents on the node in Mutiny.

further reading at; vSphere Documentation Centre

Citrix Xenserver

http://support.citrix.com/article/CTX122337

HP MSA SAN

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-a00088574en_us

Other sources of reference

http://www.net-snmp.org/wiki/index.php/Main_Page#The_Net-SNMP_Wiki NET-SNMP for unix variants