LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-23-2009, 04:33 AM   #1
MatsB
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Rep: Reputation: 0
monitor snmp with Disman


What I am trying to do here is monitor the change in load and disk usage so that the agent will send a trap when a server goes over a certain threshold. At the moment I’m only getting traps when I restart/reload the snmp agent. If anyone has an example config file that uses the Disman extensions (i.e. monitor, etc ... ) please send me some examples.

Also, I have yet to find decent examples or documentation on Net-SNMP that is complete and concise, could someone point me to a site that could explain a little better than the Net-SNMP site? Please help if at all possible. What I have come up with so far is from what I have
found from either the net-snmp site or bits and pieces scattered around the internet.

Thanks in advance for your help!

This is my snmpd.conf file (net-snmp 5.4.1)



Code:
###########################################################################
#
# snmpd.conf
#
#   - created by the snmpconf configuration program
#
###########################################################################
# SECTION: System Information Setup
#
#   This section defines some of the information reported in
#   the "system" mib group in the mibII tree.

# syslocation: The [typically physical] location of the system.
#   Note that setting this value here means that when trying to
#   perform an snmp SET operation to the sysLocation.0 variable will make
#   the agent return the "notWritable" error code.  IE, including
#   this token in the snmpd.conf file will disable write access to
#   the variable.
#   arguments:  location_string

syslocation  "Removed for privacy"

# syscontact: The contact information for the administrator
#   Note that setting this value here means that when trying to
#   perform an snmp SET operation to the sysContact.0 variable will make
#   the agent return the "notWritable" error code.  IE, including
#   this token in the snmpd.conf file will disable write access to
#   the variable.
#   arguments:  contact_string

syscontact  "Removed for privacy"



###########################################################################
# SECTION: Agent Operating Mode
#
#   This section defines how the agent will operate when it
#   is running.

# master: Should the agent operate as a master agent or not.
#   Currently, the only supported master agent type for this token
#   is "agentx".
#   
#   arguments: (on|yes|agentx|all|off|no)

# master  agentx

# Setup the credentials to retrieve monitored values
createUser      internal
iquerySecName   internal
rouser          internal noauth
# Activate the standard monitoring entries
defaultMonitors yes

# If ssCpuSystem goes over 5, send trap 
monitor -I -u internal -r 60 "High CPU Usage" 1.3.6.1.4.1.2021.11.10 > 5
# If dskErrorFlag is 1, as in disk getting full, send trap 
monitor -I -u internal -r 60 "Disk almost full" 1.3.6.1.4.1.2021.9.1.100 == 1
 


# authtrapenable: Should we send traps when authentication failures occur
#   arguments: 1 | 2   (1 = yes, 2 = no)

authtrapenable  1



###########################################################################
# SECTION: Monitor Various Aspects of the Running Host
#
#   The following check up on various aspects of a host.

# proc: Check for processes that should be running.
#     proc NAME [MAX=0] [MIN=0]
#   
#     NAME:  the name of the process to check for.  It must match
#            exactly (ie, http will not find httpd processes).
#     MAX:   the maximum number allowed to be running.  Defaults to 0.
#     MIN:   the minimum number to be running.  Defaults to 0.
#   
#   The results are reported in the prTable section of the UCD-SNMP-MIB tree
#   Special Case:  When the min and max numbers are both 0, it assumes
#   you want a max of infinity and a min of 1.

proc  ntpd 1 1
proc  snmpd 1 1

# disk: Check for disk space usage of a partition.
#   The agent can check the amount of available disk space, and make
#   sure it is above a set limit.  
#   
#    disk PATH [MIN=100000]
#   
#    PATH:  mount path to the disk in question.
#    MIN:   Disks with space below this value will have the Mib's errorFlag set.
#           Can be a raw byte value or a percentage followed by the %
#           symbol.  Default value = 100000.
#   
#   The results are reported in the dskTable section of the UCD-SNMP-MIB tree

disk  / 20%

# load: Check for unreasonable load average values.
#   Watch the load average levels on the machine.
#   
#    load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#   
#    1MAX:   If the 1 minute load average is above this limit at query
#            time, the errorFlag will be set.
#    5MAX:   Similar, but for 5 min average.
#    15MAX:  Similar, but for 15 min average.
#   
#   The results are reported in the laTable section of the UCD-SNMP-MIB tree

 load  5 5 5



###########################################################################
# SECTION: Access Control Setup
#
#   This section defines who is allowed to talk to your running
#   snmp agent.

# rocommunity: a SNMPv1/SNMPv2c read-only access community name
#   arguments:  community [default|hostname|network/bits] [oid]

rocommunity  "Removed for privacy"

###########################################################################
# SECTION: Trap Destinations
#
#   Here we define who the agent will send traps to.

# trap2sink: A SNMPv2c trap receiver
#   arguments: host [community] [portnum]

trap2sink  "Removed for privacy"
 
Old 11-23-2009, 06:45 AM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,278

Rep: Reputation: 148Reputation: 148
Just go through the following configuration files, may be they are helpful because this is a working configuration
This is my snmpd.conf
PHP Code:
rocommunity wwnet
trapcommunity 
public
trap2sink 172.16.11.79 public 166
master agentx
agentSecName disman
createUser disman MD5 sercrt
@1
rouser disman auth
com2sec   local       localhost         
public
com2sec   mynetwork   172.16.0.0/16      wwnet
group    MyRWGroup    v1           local
group    MyRWGroup    v2c          local
group    MyROGroup    v1           mynetwork
group    MyROGroup    v2c          mynetwork
##           incl/excl subtree                          mask
view all     included  .1                               80
##                  context   sec.model   sec.level   prefix   read    write   notif
access MyROGroup    ""        any         noauth      exact    all     none    none
access MyRWGroup    
""        any         noauth      exact    all     all     none
syslocation At server room
proc mysqld 10 0
proc httpd 10 1
#disk / 10000
disk    /            50%
disk    /usr         80%
disk    /home        40%
disk    /var         70%
disk    /opt         80%
monitor ---u disman -r 60 -o dskPath -o dskAvail -o dskTotal -o dskErrorMsg "Harddisk" dskErrorFlag 0 1
monitor 
--u disman -r 60 -o tcpCurrEstab -o tcpPassiveOpens -o tcpActiveOpens -o tcpAttemptFails "TCP Established" tcpCurrEstab 10
monitor 
--u disman -r 10 --o prNames.1 -o prCount.1 -o prErrMessage.1 "Process Httpd" prErrorFlag.1 0 1 
#monitor -u disman -r 10 -o loadaveLoad -o loadaveErrMessage "AvgCPU Load" loadaveErrorFlag 0 1
#monitor -u disman -r 10 -o memTotalReal.0 -o memAvailReal.0 "Real Memory" memAvailReal.0 < 10000
#monitor -u disman -r 10 -o memErrorName -o memSwapErrorMsg "Swap Memory" memSwapError = 0 1
#monitor -D -u disman -r 10 "Network Traffic" ifInOctets > 5000000
#monitor -D -u disman -r 10 -o hrSWRunName "High Process Memory" hrSWRunPerfMem > 1000000
# Check for loads:
load 12 8 6
logmatch LoginFailure 
/var/log/secure 10 Failed password 
notificationEvent TESTLOGMATCH 1.3.6.1.4.1.2021.16 
monitor 
---r 10 -e TESTLOGMATCH -o logMatchName -o logMatchFileName -o logMatchCurrentCount -o logMatchRegEx "Log Match" != logMatchCurrentCount -u disman
# Added for support of bcm5820 cards.
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat 
This is my snmptrapd.conf
PHP Code:
format2 finished
authCommunity log
,execute,net public
######traphandle  default /usr/sbin/snmptthandler --ini=/etc/snmp/snmptt.ini
#traphandle default /usr/sbin/snmptt 
traphandle  default  /usr/bin/perl  /usr/bin/traptoemail -s mail.domain.com -f root name@domain.com
disableAuthorization yes
#donotlogtraps  yes 

Last edited by kirukan; 11-23-2009 at 06:47 AM.
 
Old 11-23-2009, 07:22 AM   #3
MatsB
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Original Poster
Rep: Reputation: 0
Thx kirukan for the examples. I will try them out.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Monitor CPU / Memory usage via SNMP Mathieu AIX 2 11-04-2009 04:41 PM
console snmp monitor centosboy Linux - Networking 8 06-15-2009 10:03 AM
SNMP monitor that sends alerts fancylad Linux - Server 2 05-12-2008 06:31 PM
simple SNMP monitor Hewson Linux - Networking 2 09-05-2007 01:36 PM
snmp cpu monitor hank43 Linux - Networking 0 04-11-2004 03:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration