System Monitoring Via Nagios and SNMP<

SNMP

snmp is an internet protocol that allows you to retrieve management information from a remote device or to set configuration settings on a remote device.

Examples: CPU load, RAID status

An snmp system is generally considered to have 3 components:
  1. Agents
    Agents expose management information on a device. Usually, this is a daemon running on the device. It is the server in a typical client/server configuration. In our case, this is the snmpd process running on our remote device.
  2. Managers
    A manager is an application to retrieve information from the remote machine. A manager may be a web client, a command line program, or another daemon running on a monitoring machine. In our case, this is nagios.
  3. Management Information Bases (MIBs)
    MIBs are hierarchical lists of variables available via snmp. Each variable has an Object Identifier (OID), for example, on a Dell system, 1.3.6.1.4.1.674.10892.1.700.20.1.6.1.1 is the chassis temperature.

Installation

  1. # apt-get install snmp snmpd
    
  2. By default, snmpd listens only on 127.0.0.1. If you wish to monitor your system remotely, you need to edit /etc/default/snmp. Add your host IP address to the SNMPDOPTS line:
    #SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
    SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -p /var/run/snmpd.pid localhost,gracie'
    
  3. At this point you should be able to query system information via snmpget and snmpwalk:
    $ snmpget -v2c -c public localhost 1.3.6.1.2.1.1.3.0
    

snmpget and snmpwalk

Snmpget and snmwalk allow you to query system information via snmp. Examples:

  1. To query system uptime:
    snmpget -v2c -c public localhost 1.3.6.1.2.1.1.3.0
    
  2. Show a whole section of the MIB hierarchy at once:
    snmpwalk -v2c -c public localhost 1.3.6.1.2
    
  3. Another way to show system uptime:
    $ snmpget -v2c -c public localhost sysUpTime.0
    
    # snmpget -v2c -c public localhost sysUpTime.0
    DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (8172473) 22:42:04.73
    $ qalc '8172473/60/60/100'
    ((8172473 / 60) / 60) / 100 = approx. 22.701314
    $ uptime
     11:32:18 up 22:43,  3 users,  load average: 0.18, 0.17, 0.11
    

Security

Snmp has had three versions. Each version has added security components. Version 1 had only a "community" string which is similar to a password. By default on a debian system, snmp is installed with a red-only community string of public. It is considered "best practice" to change this upon installation:
# snmpconfig

# /etc/init.d/snmpd restart
Authentication and access control were added in version 3.
# /etc/init.d/snmpd stop
# net-snmp-config --create-snmpv3-user

# /etc/init.d/snmpd start
# snmpget -v 3 -u nemo -l authNoPriv -a MD5 -A qwerty1234 localhost sysUpTime.0
A more detailed look at snmp security is beyond the scope of this discussion.

Nagios

Nagios is a network monitoring tool which canissue alerts when it detects a problem on a machine it is monitoring. It can also issue an alert if the problem goes away. Nagios consistes of three parts:

  1. Nagios software
  2. Configuration files
  3. Plugins

Installation

apt-get install nagios3

Configuration

On a debian system, local configuration files for nagios are uin /etc/nagios3/conf.d/. The default configuration monitors localhost for several problems iincluding heavy load, low disk space, or too many processes. You will want to create files to define your own users, hosts, and possibly your own commands.

Plugins

On a debian system, a package named nagios-plugins is installed as a dependency when you install nagios3. This is a collection of perl scripts that do the system monitoring. The scripts are stored in /usr/lib/nagios/plugins/.

You can get an idea of what a script does by running it with the -h option:

cd /usr/lib/nagios/plugins/
./checksnmp -h

Writing Your Own Scripts

Nagios comes with an enormous number of scripts. There are many more on the nagios wiki at http://nagioswiki.com/. But the day may come when you need to write your own plugin. Tips:

  1. Take a look at the scripts in /usr/lib/nagios/plugins.
  2. use Nagios::Plugin ;
  3. Sample script: check_dellomsa

check_dellomsa