Site icon DBsGuru

Steps to Install & Configure SNMP in Oracle Linux 7

Steps to Install & Configure SNMP in Oracle Linux 7


SNMP
(Simple Network Management Protocol) is an internet standard protocol used to remotely retrieve the operational statistics of the servers and infrastructure components. SNMP protocol is implemented on the application layer of the networking stack. It is one of the widely accepted protocols to manage and monitor network elements. The protocol was created as a way of gathering information from very different systems in a consistent manner.


SNMP Version 3
provides greater security and remote configuration capabilities. Access isn’t limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced. It supports using encryption algorithms and authentication mechanisms.

We need to install SNMP agent in Linux Server when we require to monitor Linux Server with some monitoring tool like PRTG, Zabbix, etc. This monitoring tool acts as an SNMP manager and sends query requests to agents with the correct credentials to gather operational statistics of the servers.


Follow the below steps to Install & Configure SNMP

1. Install the SNMP package using the YUM command
2. Stop SNMP service
3. Create SNMP User
4. Start SNMP service
5. Testing SNMP service
6. Open SNMP firewall ports
7. Enable SNMP service
8. Add SNMP user in monitoring Tool


Step 1. Install SNMP package using YUM command: Use OS command YUM to install required SNMP packages. Once the package is installed remember to take a backup of SNMP config file.

[root@test-machine01 ~]# cat /etc/oracle-release
Oracle Linux Server release 7.7
[root@test-machine01 ~]#

[root@test-machine01 ~]#
[root@test-machine01 ~]#  yum install -y net-snmp net-snmp-utils
Loaded plugins: langpacks, ulninfod
ol7_UEKR5                                                                                                                                                              | 3.0 kB  00:00:00
ol7_latest                             
Installed:
  net-snmp.x86_64 1:5.7.2-49.0.1.el7_9.2                                                     net-snmp-utils.x86_64 1:5.7.2-49.0.1.el7_9.2

Dependency Installed:
  net-snmp-agent-libs.x86_64 1:5.7.2-49.0.1.el7_9.2d

Dependency Updated:
  net-snmp-libs.x86_64 1:5.7.2-49.0.1.el7_9.2

Complete!
[root@test-machine01 ~]#

[root@test-machine01 ~]# cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak


Step 2. Stop SNMP service: Stop SNMP service using systemctl command.

[root@test-machine01 ~]#
[root@test-machine01 ~]# systemctl stop snmpd.service
[root@test-machine01 ~]#


Step 3. Create SNMP User: Use command net-snmp-create-v3-user. Please note we are creating a user as snmpuser with password SnMpUseR# and authentication protocol SHA and privacy protocol AES.

-v3 : specifies version
-u : specifies username
-l : LEVEL set security level (noAuthNoPriv|authNoPriv|authPriv)
-a : PROTOCOL set authentication protocol (MD5|SHA)
-A : PASSPHRASE set authentication protocol pass phrase
-x : PROTOCOL set privacy protocol (DES|AES)
-X : PASSPHRASE set privacy protocol pass phrase

[root@test-machine01 ~]#
[root@test-machine01 ~]# net-snmp-create-v3-user -ro -A SnMpUseR# -a SHA -X SnMpUseR# -x AES snmpuser
adding the following line to /var/lib/net-snmp/snmpd.conf:
   createUser snmpuser SHA "SnMpUseR#" AES SnMpUseR#_123!
adding the following line to /etc/snmp/snmpd.conf:
   rouser snmpuser
[root@test-machine01 ~]#


Step 4. Start SNMP service: Start SNMP service using systemctl command.

[root@test-machine01 ~]#
[root@test-machine01 ~]# systemctl start snmpd.service
[root@test-machine01 ~]#


Step 5. Testing SNMP service Use snmpwalk command to verify the user authentication. Please note we are currently testing locally by providing localhost IP 127.0.0.1. This confirms SNMP Agent can read the system locally. Please note output will be very long.

[root@test-machine01 ~]#
[root@test-machine01 ~]# snmpwalk -u snmpuser -A SnMpUseR# -a SHA -X SnMpUseR# -x AES -l authPriv 127.0.0.1 -v3
SNMPv2-MIB::sysDescr.0 = STRING: Linux test-machine01.local 5.4.17-2102.201.3.el7uek.x86_64 #2 SMP Fri Apr 23 09:05:55 PDT 2021 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (807) 0:00:08.07
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
[root@test-machine01 ~]#


Step 6. Open SNMP firewall ports: Use firewall-cmd command to open below udp ports on Server firewall. And then test from a remote server, in our case we are testing user authentication from test-machine02. This confirms SNMP Manager can read the system remotely.

[root@test-machine01 ~]#
[root@test-machine01 ~]# firewall-cmd --zone=public --add-port=162/udp --permanent
successd
[root@test-machine01 ~]# firewall-cmd --zone=public --add-port=161/udp --permanent
success
[root@test-machine01 ~]# firewall-cmd --reload
success
[root@test-machine01 ~]
############ Remote Testing from different Server #######################

[root@test-machine02 ~]# 
[root@test-machine02 ~]# snmpwalk -u snmpuser -A SnMpUseR# -a SHA -X SnMpUseR# -x AES -l authPriv test-machine01 -v3
SNMPv2-MIB::sysDescr.0 = STRING: Linux test-machine01.local 4.14.35-2047.516.2.1.el7uek.x86_64 #2 SMP Wed Aug 17 16:30:09 PDT 2022 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (9268658) 1 day, 1:44:46.58
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: test-machine01.local
[root@test-machine02 ~]#


Step 7. Enable SNMP service: Enable SNMP service using systemctl command.

[root@test-machine01 ~]#
[root@test-machine01 ~]# systemctl enable snmpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/snmpd.service to /usr/lib/systemd/system/snmpd.service.
[root@test-machine01 ~]#

[root@test-machine01 ~]#
[root@test-machine01 ~]# systemctl status snmpd.service
â snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
   Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2022-09-01 17:33:03 +03; 10min ago
 Main PID: 234582 (snmpd)
    Tasks: 1
   CGroup: /system.slice/snmpd.service
           ââ234582 /usr/sbin/snmpd -LS0-6d -f

Sep 01 17:33:03 test-machine01.local systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Sep 01 17:33:03 test-machine01.local snmpd[234582]: NET-SNMP version 5.7.2
Sep 01 17:33:03 test-machine01.local systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
[root@test-machine01 ~]#


Step 8. Add SNMP user in monitoring Tool: In the below image, we have configured snmp user created in Step 3 in the PRTG monitoring tool.

This document is only for learning purposes and always validate in the LAB environment first before applying in the LIVE environment.


Hope so you like this article!
Please share your valuable feedback/comments/subscribe and follow us below and don’t forget to click on the bell icon to get the most recent update. 
Click here to understand more about our pursuit.


Related Articles



Exit mobile version