My OpenNMS system is running on Windows Server 2012 and I am doing most of my configurations through the web interface.
I have configured an SNMP community associated with a range of ip addresses for the node I want to monitor. I have specified a string for this community. I have added the node (which contains multiple ip addresses) for provisioning. I have added the node to the default data collection group. However, when I try to navigate to the node, rescan it, and manage data collection per interface, I cannot view the node as an option from which to collect data. I also do not see SNMP data on the node availability graphs, only ICMP data. How should I approach this problem. Are there any additional files I need to edit?
If any of you have some knowledge of OpenNMS, I would appreciate the help. I have only been using OpenNMS for 2 weeks now, and I have very little knowledge of SNMP or networking, though I am learning more every day.
First of all, it is important to ensure your OpenNMS as SNMP access to your Device you want to monitor. You can verify this by running the following command from the CLI off your OpenNMS server:
snmpwalk -v 2c -c <your-community-string> <your-ip-interface>
If you don't see any output or a timeout, you have connectivity issues which can be firewalls between your OpenNMS and the device you want to monitor. It can also be the SNMP Agent on your Device does not allow access from your OpenNMS servers IP address.
As I'm reading your Node has multiple IP interfaces you have provisioned. You can define an attribute "SNMP Primary" which means:
P: It is the primary interface and when it is reachable, OpenNMS will try to fetch all SNMP performance data from this interface
S: It is set as secondary, it means SNMP is available but will only be used to fetch SNMP performance data if the primary interface is down
N: Not used for SNMP performance data collection
By default OpenNMS detects also services like SNMP. The SNMP service is assigned to the interface when it is possible to fetch the System Object ID (sysoid) .1.3.6.1.2.1.1.2.0 from the given IP interface using the SNMP community you have configured by the IP address in the WebUI. You can troubleshoot this on the CLI using the snmpget command from your OpenNMS server like this:
snmpget -v 2c -c <your-community-string> <your-ip-interface> .1.3.6.1.2.1.1.2.0
If you don't get a result, OpenNMS will not detect the SNMP service. OpenNMS will only try to collect SNMP performance data from an IP interface when the SNMP service is associated.
Hope this helps for further troubleshooting.
Related
I have a .NET Kafka client (using librdkafka via a Confluent's .NET client) running on a physical server with two network interfaces active. One is 10G and the other is 1G, both of them have static IP addresses assigned. Our networking team handles the configurations and is unlikely to change their practices for one application so I'd like to handle this client-side. I should also mention that the 1G interface and 10G interfaces are on the same network.
Since my Kafka cluster (3-node) is all 10G, I would like to require my application's consumer to bind to the 10G IP address. Looking through all of the documentation, I can't find anything about defining this on the client.
I would like to avoid any "hacky" solutions like setting Kafka to deny any non-whitelisted IP addresses or DNS tomfoolery.
Thanks in advance!
Just to be sure.., Do you know if your server is doing interface bonding (means the traffic will load balance between each interface, though, it's unlikely to do binding on different speed interfaces..)?
If not, as your two interfaces are on the same network, it means you will only use one interface to reach the network (except if you have exotic routing config). This interface will be defined by your default route.
If it's a Linux server, you can do as follows :
ip route
default via X.X.X.X dev YOURDEFAULTINTERFACE
If it's the 10G, you have nothing to do and you can be sure it will use this interface.
If not, you cannot do anything Kafka side, as it's purely OS settings side. Your Kernel will forward any traffic through this default interface.
Again.. I insist on the fact that this is because both your interfaces are in the same network.
If you have any doubts with this, please share your network configuration in details ( result of ip addr and ip route)
Yannick
I am trying to discover some Windows and Linux machines that are provided by a 3rd part vendor so I dont have Local Admin access.
Providing I have the community string can discover these devices and find information like OS, HDD utilization, machine name?
Kind Regards,
Warren Gardner
The typical SNMP discovery is simply a number of SNMP GET/GET-NEXT requests to query the list of predefined OIDs. The procedure scans the range of IP addresses (UDP port 161) using the same SNMP security parameters. For SNMP v1/v2C the only parameter you need to specify is Read Community string. For SNMPv3 you have to specify security level, auth/priv protocol, username and password and some other parameters.
Please note that there is no standard for SNMP discovery. So usually the results of discovery are very limited (subset of RFC1213 - MIB-2):
sysName,
sysDescr,
sysLocation
network interfaces
The advanced SNMP discovery procedure is usually implemented in commercial software/NMS and includes extended information from Cisco IOS, printer status (toner level and so on), etc. Also these systems are capable of doing topology discovery based on CDP, LLDP, routing tables.
In Zabbix Server 3, I have a linux host monitored through SNMP.
The SNMP OID of the monitored MIB is as below:
SNMPv2-SMI::enterprises.94.7.1.4.2.1.5.1 = STRING: "CLUSTER STARTED (RESTARTED)"
I have configured this SNMP OID to be monitored for every 10 minutes. The Zabbix server is sending a SNMP get-request and the linux host replies back. The timestamp is updated in this case in Zabix>Monitoring>Latest Data section of Zabbix dashboard
I also have an SNMP trap defined for this event.
I restarted the cluster in the linux host, which triggered an SNMP trap message to zabbix and the event is captured in /var/log/zabbix/snmptrapfmt.log of zabbix server. But the Zabix>Monitoring>Latest Data section of Zabbix dashboard still has old timestamp for latest data. The new value is not updated from SNMP trap.
Is there any separate configuration needed for this?
I am using zabbix appliance 3 as zabbix server
The first item you showed, the one that polls SNMP, should not be relevant for trap processing.
Regarding the second item (snmptrap), make sure you have started SNMP trapper (StartSNMPTrapper parameter in the server configuration file).
Also check that Zabbix server points at the location where you traps are written with the parameter SNMPTrapperFile.
If all that is configured, check the server log - if a trap is written there, it was not matched to your item - in that case, check your regexp against the trap data and make sure the IP address Zabbix sees the trap from matches the SNMP interface address for that item.
In my network, I want to scan for snmp enabled devices. So is there any single line snmp command, to get list of snmp enabled devices in specific range of IP Address like 172.26.1.1 to 172.26.1.255.
I found a link which says it is possible but it does not mention the command.
https://support.panorama9.com/hc/en-us/articles/203568188-Test-if-SNMP-devices-are-responding-correctly-to-SNMP-queries
Is there any generic OID to achieve this or single snmp command ?
Well, you can try to use the subnet broadcast address but from the SNMP FAQ most devices have this turned off. So this probably won't work very well.
http://www.snmp.com/FAQs/snmp-faq-part2.txt
2.60.12
SUBJECT: How should an agent respond to a broadcast request?
When an SNMP request is sent with a broadcast address, Who is
supposed to respond? Ideally every host in the subnet should respond.
But I notice that it doesn't happen. What is the expected behaviour when
a directed broadcast is done?
Depending on how the agent is written, it may respond, or
just drop the message. Many agents just drop the message.
I believe that is what the SNMP agent in cisco product do.
Another alternative is to try to use nmap to scan for hosts that respond to SNMP as well as attempt to see what community strings they respond to.
https://www.vanstechelman.eu/networking/scanning_for_snmp_services_with_default_community_strings
also
https://nmap.org/nsedoc/scripts/snmp-brute.html
I want to monitor some servers in a cluster with Zabbix. if it is feasible to use "snmp agent" instead of "zabbix agent" to monitoring the servers, I will not install zabbix agent in every server.
So what is the advantage of zabbix agent than the snmp agent?
It depends on which parameters would you like to monitor. We are using SNMP monitoring on hosts (clusters and standalones) where vendor does not allow installation any other application except from himself.
Even in case of SNMP you need to modify configuration of your SNMP daemon on monitored host. But in some cases default configuration is sufficient to monitor at least some values without any installation/configuration/modification on monitored host. Be advised that the network must allow SNMP traffic (161/udp). I don't need to mention that SNMP v1 and v2c can be seen by somebody listening on the network. Values which can be monitored by SNMP daemon are listed in OID list http://www.alvestrand.no/objectid/top.html.
On the other hand Zabbix agent can monitor similar values like SNMP daemon. Additionaly there are some parameters which are more complex (like DNS response etc.). The list of values which can be monitored by Zabbix agent is on https://www.zabbix.com/documentation/2.2/manual/config/items/itemtypes/zabbix_agent