SNMPD: Unterschied zwischen den Versionen

Aus crazylinux.de
Zur Navigation springen Zur Suche springen
(neu)
 
 
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
we use snmpd for getting stats for [[Cacti|cacti]]. Most stats are created via [[Universal Log Analyser]]
from https://www.pitt-pladdy.com/blog/_20091031-110311_0000_Linux_Debian_Ubuntu_SNMP_basics/
For Debian and derivatives the server package mentioned above is snmpd. In most cases you will also want client / admin tools which are in the snmp package.
Now that will get you a basically functioning service, but since MIBs are can't be distributed due to licensing, they can't be part of the "open" packages Debian ships and since I originally wrote this article they have been removed. This means that things that are taken for granted here won't actually work unless you '''install''' the '''snmp-mibs-downloader''' package as well. This will pull in all the necessary MIBs in place, but to actually use them you will need to look in /etc/snmp/snmp.conf and see the comment there.
By default use of MIBs is disabled so you will need to comment the line as described in the file to enable use of the MIBs.




Zeile 106: Zeile 115:
extend fail2ban /etc/snmp/fail2ban-stats
extend fail2ban /etc/snmp/fail2ban-stats


</syntaxhighlight>
== Error ==
solution found on https://wiki.opennms.org/wiki/SNMP_spams_my_log
=== Cannot statfs /sys/kernel/debug/tracing: Permission denied ===
<syntaxhighlight lang="bash">
#/etc/rsyslog.d/040-snmp-statfs.conf
if $programname == 'snmpd' and $msg contains 'statfs' then {
  stop
}
</syntaxhighlight>
===disable debug logging===
SNMPd is sending log messages to syslog every time it receives a query from my monitoring tools. It adds a lot of clutter to the logs.
<code>
Sep 12 13:05:40 myhost snmpd[7073]: Connection from UDP: [ipaddr]:49272
</code>
edit in '''/lib/systemd/system/snmpd.service'''
see https://serverfault.com/questions/310640/reduce-snmpd-logging-verbosity
<syntaxhighlight lang="bash">
#/etc/default/snmpd
SNMPDOPTS='-LS 3 d -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /var/run/snmpd.pid'
</syntaxhighlight>
</syntaxhighlight>



Aktuelle Version vom 8. Juli 2023, 22:39 Uhr

we use snmpd for getting stats for cacti. Most stats are created via Universal Log Analyser

from https://www.pitt-pladdy.com/blog/_20091031-110311_0000_Linux_Debian_Ubuntu_SNMP_basics/

For Debian and derivatives the server package mentioned above is snmpd. In most cases you will also want client / admin tools which are in the snmp package.

Now that will get you a basically functioning service, but since MIBs are can't be distributed due to licensing, they can't be part of the "open" packages Debian ships and since I originally wrote this article they have been removed. This means that things that are taken for granted here won't actually work unless you install the snmp-mibs-downloader package as well. This will pull in all the necessary MIBs in place, but to actually use them you will need to look in /etc/snmp/snmp.conf and see the comment there.

By default use of MIBs is disabled so you will need to comment the line as described in the file to enable use of the MIBs.


  1. /etc/snmp/snmpd.conf
#
#  Disk Monitoring
#
                               # 10MBs required on root disk, 5% free on /var, 10% free on all other disks
disk       /     10000
disk       /var  5%
includeAllDisks  10%

#
#  System Load
#
                               # Unacceptable 1-, 5-, and 15-minute load averages
load   12 10 5
#  Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table
#     and nsExtendOutput2Table) to see the resulting output

#  Note that the "extend" directive supercedes the previous "exec" and "sh" directives
#  However, walking the UCD-SNMP-MIB::extTable should still returns the same output,
#     as well as the fuller results in the above tables.

extend dovecotauth /etc/snmp/dovecot-stats-auth
extend dovecotdeliver /etc/snmp/dovecot-stats-deliver
extend dovecotimapcrypto /etc/snmp/dovecot-stats-imap-crypto
extend dovecotimapdata /etc/snmp/dovecot-stats-imap-data
extend dovecotimapdisconnect /etc/snmp/dovecot-stats-imap-disconnect
extend dovecotimaplogin /etc/snmp/dovecot-stats-imap-login
extend dovecotimaploginmethod /etc/snmp/dovecot-stats-imap-loginmethod
extend dovecotpop3crypto /etc/snmp/dovecot-stats-pop3-crypto
extend dovecotpop3data /etc/snmp/dovecot-stats-pop3-data
extend dovecotpop3disconnect /etc/snmp/dovecot-stats-pop3-disconnect
extend dovecotpop3login /etc/snmp/dovecot-stats-pop3-login
extend dovecotpop3loginmethod /etc/snmp/dovecot-stats-pop3-loginmethod
extend dovecotmanagesievecrypto /etc/snmp/dovecot-stats-managesieve-crypto
extend dovecotmanagesievedata /etc/snmp/dovecot-stats-managesieve-data
extend dovecotmanagesiedisconnect /etc/snmp/dovecot-stats-managesieve-disconnect
extend dovecotmanagesielogin /etc/snmp/dovecot-stats-managesieve-login
extend dovecotmanagesieloginmethod /etc/snmp/dovecot-stats-managesieve-loginmethod
extend dovecotsessions /etc/snmp/dovecot-stats-sessions

extend postfixlocal     /etc/snmp/postfix-stats-local
extend postfixlmtp      /etc/snmp/postfix-stats-lmtp
extend postfixpickup /etc/snmp/postfix-stats-pickup
extend postfixqueue /etc/snmp/postfix-stats-queue
extend postfixsmtp      /etc/snmp/postfix-stats-smtp-connect
extend postfixsmtpstatus        /etc/snmp/postfix-stats-smtp-status
extend postfixsmtptls   /etc/snmp/postfix-stats-smtp-tls
extend postfixsmtpwarn  /etc/snmp/postfix-stats-smtp-warning
extend postfixsmtpd     /etc/snmp/postfix-stats-smtpd-connect
extend postfixsmtpdnq   /etc/snmp/postfix-stats-smtpd-noqueue
extend postfixsmtpdnqrec        /etc/snmp/postfix-stats-smtpd-noqueue-recipient
extend postfixsmtpdnqrel        /etc/snmp/postfix-stats-smtpd-noqueue-relay
extend postfixsmtpdnqsnd        /etc/snmp/postfix-stats-smtpd-noqueue-sender
extend postfixsmtpdnqclnt       /etc/snmp/postfix-stats-smtpd-noqueue-client
extend postfixsmtpdqd   /etc/snmp/postfix-stats-smtpd-queued
extend postfixsmtpdtls  /etc/snmp/postfix-stats-smtpd-tls
extend postfixsmtpdwarn /etc/snmp/postfix-stats-smtpd-warning
extend postfixcleanup   /etc/snmp/postfix-stats-cleanup
extend postfixpolicy /etc/snmp/postfix-stats-policy
extend postfixip /etc/snmp/postfix-stats-connect-ip
#extend clamav /etc/snmp/clamav-stats
extend spamd /etc/snmp/spamd-stats
extend opendkim /etc/snmp/opendkim-stats

 extend smartdevices /etc/snmp/smart-generic devices
 extend smartdescriptions /etc/snmp/smart-generic description
 extend smart1 /etc/snmp/smart-generic 1
 extend smart3 /etc/snmp/smart-generic 3
 extend smart4 /etc/snmp/smart-generic 4
 extend smart5 /etc/snmp/smart-generic 5
 extend smart7 /etc/snmp/smart-generic 7
 extend smart9 /etc/snmp/smart-generic 9
 extend smart10 /etc/snmp/smart-generic 10
 extend smart12 /etc/snmp/smart-generic 12
 extend smart170 /etc/snmp/smart-generic 170
 extend smart171 /etc/snmp/smart-generic 171
 extend smart172 /etc/snmp/smart-generic 172
 extend smart177 /etc/snmp/smart-generic 177
 extend smart178 /etc/snmp/smart-generic 178
 extend smart179 /etc/snmp/smart-generic 179
 extend smart180 /etc/snmp/smart-generic 180
 extend smart181 /etc/snmp/smart-generic 181
 extend smart182 /etc/snmp/smart-generic 182
 extend smart183 /etc/snmp/smart-generic 183
 extend smart184 /etc/snmp/smart-generic 184
 extend smart187 /etc/snmp/smart-generic 187
 extend smart189 /etc/snmp/smart-generic 189
 extend smartR190 /etc/snmp/smart-generic R190
 extend smartR194 /etc/snmp/smart-generic R194
 extend smart195 /etc/snmp/smart-generic 195
 extend smart196 /etc/snmp/smart-generic 196
 extend smart198 /etc/snmp/smart-generic 198
 extend smart199 /etc/snmp/smart-generic 199
 extend smart203 /etc/snmp/smart-generic 203
 extend smart226 /etc/snmp/smart-generic 226
 extend smart230 /etc/snmp/smart-generic 230
 extend smart231 /etc/snmp/smart-generic 231
 extend smart232 /etc/snmp/smart-generic 232
 extend smart233 /etc/snmp/smart-generic 233
 extend smart235 /etc/snmp/smart-generic 235
 extend smart241 /etc/snmp/smart-generic 241

extend fail2ban /etc/snmp/fail2ban-stats


Error

solution found on https://wiki.opennms.org/wiki/SNMP_spams_my_log

Cannot statfs /sys/kernel/debug/tracing: Permission denied

#/etc/rsyslog.d/040-snmp-statfs.conf
if $programname == 'snmpd' and $msg contains 'statfs' then {
   stop
}

disable debug logging

SNMPd is sending log messages to syslog every time it receives a query from my monitoring tools. It adds a lot of clutter to the logs.

Sep 12 13:05:40 myhost snmpd[7073]: Connection from UDP: [ipaddr]:49272

edit in /lib/systemd/system/snmpd.service

see https://serverfault.com/questions/310640/reduce-snmpd-logging-verbosity

#/etc/default/snmpd
SNMPDOPTS='-LS 3 d -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /var/run/snmpd.pid'