Configure SNMP Trap monitoring in Nagios

I am struggling a lot to understand and set up SNMP Trap monitoring using the Nagios monitoring tool.
I followed many tutorials and articles on the internet but am unable to understand the 2 points below:
1) Understanding SNMP Trap monitoring: why do we do SNMP trap monitoring?
2) How do we implement SNMP Trap monitoring using the Nagios monitoring tool?
Any help on the above 2 points would be highly appreciated.
Thanks in Advance.

Most network devices keep a database called the Management Information Base (MIB). This is used to track information related to hardware, including health. To get this information you have to provide an OID, or Object Identifier, which is different for different vendors.
Through SNMP you can query any of the OIDs from a device. Let's say you have a Cisco router and you want to make sure it does not overheat. So you check the OID for temperature every 5-10 minutes and then on Nagios you configure certain limits, for example if the temperature ever increases above 45c then Nagios should send you an alert etc. Similarly you can monitor other OIDs.
So the question is how do you use SNMP with Nagios?
Nagios has a script called check_snmp that does this for you.
check_snmp -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]
[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]
[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]
[-m miblist] [-P snmp version] [-L seclevel] [-U secname] [-a authproto]
[-A authpasswd] [-x privproto] [-X privpasswd]
As you can see you can provide the IP address, OID, your warning and critical thresholds and authentication information etc. Hope this helps.

Related

snmpd.conf clientaddr not working for sending trap /inform with given IP source address

Given the following sample/simple snmpd.conf (Net-SNMP 5.7.2 on RHEL 7.4)
rwcommunity private 192.168.56.101
trapsess -Ci --clientaddr=192.168.56.128 -v 2c -c private 192.168.56.101:162
when starting a SNMP Daemon
snmpd -f -Lo -D -C -c data/snmpd_test.conf udp:192.168.56.128:161
We obtain ''Start Up'' InformRequest with IP source 192.56.168.1 instead of ...128 (WireShark snapshot below)
It is not surprising as the -D option allows us to output the debug information saying that
trace: netsnmp_config_process_memory_list(): read_config.c, 696:
read_config:mem: processing memory: clientaddr 192.168.56.128
trace: run_config_handler(): read_config.c, 562:
9:read_config:parser: clientaddr handler not registered for this time
Web sources however say:
snmp.conf
...This value is also used by snmpd when generating notifications.
snmpd.conf
trapsess [SNMPCMD_ARGS] HOST
provides a more generic mechanism for defining notification destinations.
SNMPCMD_ARGS should be the command-line options required for an equivalent
snmptrap (or snmpinform) command to send the desired notification
I read also some old threads like this one
However this option is working well with snmptrap
snmptrap -D -Lo -Ci --clientaddr=192.168.56.128 -M+path_to_my_mibs -v 2c -c private 192.168.56.101:162 "" .1.3.6.1.4.1.a.b.c.d.e.f.0 i 0
This option also works when placed in snmp.conf (mind there is no 'd' here) and then it applies to snmpset and snmpget (and maybe others)
So my question is: Is it a documentation error, a bug, a misuse of the Net-SNMP stack ?
After a long struggle I may have an answer and I write a short note as I just found a trick
It seems that clientaddr is not parsed correctly wherever in the snmpd.conf
(I tried not also inside the trapsess line)
But it seems to be a valid option in the command line of snmpd
like it was a valid option in the snmptrap command line. So I assumed it could be the same parsing mechanism for both.
A condition also is that the IP address must be a valid one
which means that
snmpd -f -Lo -D -C -c data/snmpd_test.conf --clientaddr=192.168.56.128 udp:192.168.56.128:161
seems to fully solve my problem.
I will perform more tests and if accurate format this answer a little bit better but it seems a good hint.

RocketMQ: how are the queues of a topic mapped to the master brokers?

As far as I know, in RocketMQ, a "queue" is similar to a "partition" in Kafka.
One topic has multiple queues, and also has multiple brokers (master and slave).
But how are the queues mapped to the masters?
For example, if I have a topic with 3 queues, and 3 masters: are the 3 queues distributed among the 3 masters, or does each master have 3 queues?
You can specify the queue numbers when you create a topic:
sh mqadmin updateTopic -h
usage: mqadmin updateTopic [-b <arg>] [-c <arg>] [-h] [-n <arg>] [-o <arg>] [-p <arg>] [-r <arg>] [-s <arg>]
-t <arg> [-u <arg>] [-w <arg>]
-b,--brokerAddr <arg> create topic to which broker
-c,--clusterName <arg> create topic to which cluster
-h,--help Print help
-n,--namesrvAddr <arg> Name server address list, eg: 192.168.0.1:9876;192.168.0.2:9876
-o,--order <arg> set topic's order(true|false
-p,--perm <arg> set topic's permission(2|4|6), intro[2:W 4:R; 6:RW]
-r,--readQueueNums <arg> set read queue nums
-s,--hasUnitSub <arg> has unit sub (true|false
-t,--topic <arg> topic name
-u,--unit <arg> is unit topic (true|false
-w,--writeQueueNums <arg> set write queue nums
That means you can decide the queue numbers in any broker or cluster.
For more details, please refer to here.

Can someone please explain to me how fence_vmware_soap work?

I was able to set up fence_vmware_soap in my cluster and I know it is used to prevent data corruption so that two nodes do not write to a shared storage (luns in my case) at the same time. The fence will make sure the unhealthy node is completely down before the active node is able to take over and write to the shared disk.
I would like to know what happens and how the one node in the cluster knows the other node is unhealthy before the unhealthy node kills itself using the fence_vmware_soap agent.
I would really appreciate an answer explaining it in a very simple way because this is my first time setting up an NFS cluster (active/passive).
I know this thread is kinda old, but:
First check whether your VMware cluster is available:
# fence_vmware_soap -a my_host_ip -l my_user -p my_pw --ssl -z -v -o list
I don't know how to do it with pacemaker, but the solution without is to change following in your cluster.conf:
<clusternode name="n1" nodeid="2" votes="1">
  <fence>
    <method name="1">
      <device name="vmwarefence" port="rhel5rhcs-node1"
              uuid="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"/>
    </method>
  </fence>
</clusternode>
</clusternodes>
<cman expected_votes="1" two_node="1"/>
<fencedevices>
  <fencedevice agent="fence_vmware_soap" ipaddr="xxx.xxx.xxx.xxx"
               login="root" name="vmwarefence" passwd="pwd" ssl="1"/>
</fencedevices>
You can afterwards check the cluster status by
# clustat

SNMP giving authorization issues: Error in packet

I have started JBoss EAP 6.4 server with the following parameters:
JAVA_OPTS: -server -XX:+UseCompressedOops -verbose:gc -Xloggc:"/home/sshekhar/EAP-6.4.0/test02/standalone/log/gc.log"
-XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5
-XX:GCLogFileSize=3M -XX:-TraceClassUnloading -Djava.awt.headless=true -XX:MaxPermSize=512m
-XX:-UseGCOverheadLimit -Dcom.propFile=local_jboss -Dfile.encoding=UTF-8 -Dcom.sun.management.snmp.port=1610
-Dcom.sun.management.snmp.acl.file=/home/sshekhar/.snmp/mibs/snmp.acl
-Djboss.modules.system.pkgs=org.jboss.byteman,org.jboss.logmanager -Djava.awt.headless=true -Djava.util.logging.manager=org.jboss.logmanager.LogManager
-Xbootclasspath/p:/home/sshekhar/EAP-6.4.0/modules/system/layers/base/org/jboss/logmanager/main/jboss-logmanager-1.5.4.Final-redhat-1.jar
Server starts successfully.
I am running command: snmpwalk -c public -v 2c 127.0.0.1:1610
It gives
Error in packet.
Reason: authorizationError (access denied to that object)
File: /home/sshekhar/.snmp/mibs/snmp.acl has 700 access set to it.
I am new to SNMP and all I am looking forward is to configure JBoss 6.4 to use SNMP for monitoring.
Also, there is no data written in file: /home/sshekhar/.snmp/mibs/snmp.acl
Also, I created a user using
net-snmp-create-v3-user -ro -A password -X password -a MD5 -x DES myUser
Now, when I am trying to run the command snmpwalk -c public -v3 -u myUser -a MD5 -x DES -X password -A password localhost:1610
it gives me error saying snmpwalk: Unknown user name
snmpwalk -v1 -c public localhost:1610 gives no result
snmpwalk -v1 -c groupv3 localhost:1610 gives End of MIB
Can anyone please help me in understanding what might be the error and what should be my next steps to debug/resolve the issue?
I'm afraid I don't have an exact answer for you, but I can give you a little context about the SNMP versions-
SNMPv1 and SNMPv2c only use community string for authentication
An example SNMPv1 walk is as follows (community string is "public"):
snmpwalk -v1 -c public 192.168.1.1
And an example SNMPv2c walk:
snmpwalk -v2c -c public 192.168.1.1
SNMPv3 has quite configurable authentication, using up to:
Security name (aka username)
Security level (noAuthNoPriv, authNoPriv, noAuthPriv, authPriv)
Auth protocol (e.g. SHA, AES)
Auth key (string)
Privacy protocol (e.g. MD5, DES)
Privacy key (string)
(optional) Context name
(optional) Engine ID
As you can see, it can be quite complex- the "security level" is a setting that sometimes needs to be specified, it defines how much of the SNMPv3 security model you're using- if you're using an auth protocol and key and a privacy protocol and key, you'll need to use authPriv; if you're using none of those, you'll need to use noAuthNoPriv (just the security name).
An example SNMPv3 walk is as follows:
snmpwalk -v3 -u some_username -a SHA -A 'some_auth_key' -l authPriv -x AES -X 'some_privacy_key' 192.168.1.1
Basically, I'd recommend trying to setup SNMPv1 or SNMPv2c until you can get everything working nicely- I can't speak for JBoss, but on most networking devices this is simply a matter of picking an SNMP version (e.g. v2c) and specifying the read only community string (e.g. "public").
When/if you get to configuring SNMPv3, you might just have to be flexible with some of the different settings. I find (again, in the context of network devices) that you won't find one setting that'll work on lots of different vendors of devices; you'll have to try some different auth protocols, different privacy protocols etc.
Best of luck!
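The SNMPv3 security levels described above, as an added Python example that is not part of the original answer: it checks that the auth and privacy settings match the chosen level, then spells the same credentials for snmpwalk and for the check_snmp flags listed in the Nagios answer earlier on this page. The function names, the MD5/SHA and DES/AES protocol lists and the 8-character passphrase minimum are assumptions based on Net-SNMP 5.x.

```python
AUTH_PROTOCOLS = ("MD5", "SHA")    # -a values (Net-SNMP 5.x, assumed)
PRIV_PROTOCOLS = ("DES", "AES")    # -x values (Net-SNMP 5.x, assumed)
LEVELS = ("noAuthNoPriv", "authNoPriv", "authPriv")
MIN_PASSPHRASE = 8                 # assumed: Net-SNMP rejects shorter USM passphrases

# The same credentials are spelled differently by the two tools.
FLAGS = {
    "snmpwalk":   {"version": "-v", "user": "-u", "level": "-l"},
    "check_snmp": {"version": "-P", "user": "-U", "level": "-L"},
}

def _secret(kind, pair, allowed, proto_flag, key_flag):
    """Validate one (protocol, passphrase) pair and return its flags."""
    proto, passphrase = pair
    if proto.upper() not in allowed:
        raise ValueError(f"{kind} protocol must be one of {allowed}, got {proto!r}")
    if len(passphrase) < MIN_PASSPHRASE:
        raise ValueError(f"{kind} passphrase shorter than {MIN_PASSPHRASE} characters")
    return [proto_flag, proto.upper(), key_flag, passphrase]

def v3_args(tool, user, level, auth=None, priv=None):
    """Build SNMPv3 arguments; auth and priv are (protocol, passphrase) pairs."""
    if level not in LEVELS:
        raise ValueError(f"security level must be one of {LEVELS}, got {level!r}")
    if (auth is not None) != (level != "noAuthNoPriv"):
        raise ValueError(f"{level}: auth settings missing or unexpected")
    if (priv is not None) != (level == "authPriv"):
        raise ValueError(f"{level}: privacy settings missing or unexpected")
    f = FLAGS[tool]
    args = [tool, f["version"], "3", f["user"], user, f["level"], level]
    if auth:
        args += _secret("auth", auth, AUTH_PROTOCOLS, "-a", "-A")
    if priv:
        args += _secret("privacy", priv, PRIV_PROTOCOLS, "-x", "-X")
    return args

def snmpwalk_cmd(host, **cred):
    return v3_args("snmpwalk", **cred) + [host]

def check_snmp_cmd(host, oid, **cred):
    return v3_args("check_snmp", **cred) + ["-H", host, "-o", oid]

if __name__ == "__main__":
    # Constructed sample credentials, taken from the example walk above.
    cred = dict(user="some_username", level="authPriv",
                auth=("SHA", "some_auth_key"), priv=("AES", "some_privacy_key"))
    print(" ".join(snmpwalk_cmd("192.168.1.1", **cred)))
    print(" ".join(check_snmp_cmd("192.168.1.1", "<OID>", **cred)))
```

Passphrases given as arguments are visible in the process list; Net-SNMP tools can read them from snmp.conf (defAuthPassphrase, defPrivPassphrase) instead.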

How Can I Count malloc in linux kernel with kprobe

I want to count the malloc system call with Kprobe in fedora.
I know that malloc is not a system call and is implemented in user space, but I want to count malloc with kprobe if it's possible.
What is the name of system call that I must give to Kprobe?
For example for do_work:
kp.addr = (kprobe_opcode_t *) kallsyms_lookup_name("do_fork");
This is not possible with kprobes because, as you said, malloc is not a system call.
You can, however, use USDTs to trace userspace processes. The bcc tools contain an example with uobjnew. It traces object allocations in the given process:
$ ./uobjnew -h
usage: uobjnew.py [-h] [-l {java,ruby,c}] [-C TOP_COUNT] [-S TOP_SIZE] [-v]
pid [interval]
Summarize object allocations in high-level languages.
positional arguments:
pid process id to attach to
interval print every specified number of seconds
optional arguments:
-h, --help show this help message and exit
-l {java,ruby,c}, --language {java,ruby,c}
language to trace
-C TOP_COUNT, --top-count TOP_COUNT
number of most frequently allocated types to print
-S TOP_SIZE, --top-size TOP_SIZE
number of largest types by allocated bytes to print
-v, --verbose verbose mode: print the BPF program (for debugging
purposes)
examples:
./uobjnew -l java 145 # summarize Java allocations in process 145
./uobjnew -l c 2020 1 # grab malloc() sizes and print every second
./uobjnew -l ruby 6712 -C 10 # top 10 Ruby types by number of allocations
./uobjnew -l ruby 6712 -S 10 # top 10 Ruby types by total size
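Counting malloc() from user space with bcc, as an added example that is not part of the original answer: it attaches a uprobe (rather than a USDT probe) to libc's malloc in one process and counts calls per thread. It assumes the bcc Python package, root privileges and a target that allocates through libc; the names on_malloc, count_malloc and total_calls are made up for this example.

```python
import sys
import time

# eBPF program (C) run on every entry to malloc() in the traced process.
BPF_TEXT = r"""
#include <uapi/linux/ptrace.h>

BPF_HASH(calls, u32, u64);      // thread id -> number of malloc() calls
BPF_HISTOGRAM(sizes);           // log2 histogram of requested sizes

int on_malloc(struct pt_regs *ctx) {
    u32 tid = bpf_get_current_pid_tgid();   // lower 32 bits = thread id
    calls.increment(tid);
    sizes.increment(bpf_log2l(PT_REGS_PARM1(ctx)));   // first argument = size
    return 0;
}
"""

def total_calls(per_thread):
    """Sum a {thread_id: count} mapping into one process-wide count."""
    return sum(per_thread.values())

def count_malloc(pid, seconds):
    """Attach a uprobe to libc's malloc in `pid` and count calls for `seconds`."""
    from bcc import BPF          # assumed installed; loading BPF needs root
    b = BPF(text=BPF_TEXT)
    b.attach_uprobe(name="c", sym="malloc", fn_name="on_malloc", pid=pid)
    time.sleep(seconds)
    per_thread = {k.value: v.value for k, v in b["calls"].items()}
    b["sizes"].print_log2_hist("bytes")
    return per_thread

if __name__ == "__main__":
    # Usage: sudo python3 <this file> <pid> <seconds>
    pid, seconds = int(sys.argv[1]), int(sys.argv[2])
    per_thread = count_malloc(pid, seconds)
    for tid, n in sorted(per_thread.items(), key=lambda kv: -kv[1]):
        print(f"tid {tid}: {n} malloc calls")
    print(f"total: {total_calls(per_thread)}")
```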
