Come join our live training webinar every other Wednesday at 11am PST and hear LogicMonitor experts explain best practices and answer common questions. We understand these are uncertain times, and we are here to help!
For most common Linux-based application and devices, enabling the SNMP background service is an essential step in the the very minimal steps that it takes to configure your host for monitoring. The aim of this page is to provide you with a general understanding of how to configure SNMP on your Linux host, and troubleshoot issues that may relate to IPtables blocking either of these protocols from working to the utmost potential. Depending on your configuration, additional adjustments may be necessary.
If you’re looking for help configuring SNMP v3, see this page. If you’re looking for help troubleshooting SNMP, see this page.
The most basic steps to configure SNMP are as follows. To ensure that you have sufficient permission, you should become root or use the sudo command for the following configuration steps.
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.old
chkconfig snmpd on
service snmpd restart
For more detailed instructions specific to the Linux distribution you are using, see the following RedHat/CentOS and Debian/Ubuntu sections.
yum install net-snmp
You can optionally install snmpwalk and other tools that can be useful for troubleshooting (these are not required for LogicMonitor to monitor the device):
yum install net-snmp-utils
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.original
echo "rocommunity notpublic" > /etc/snmp/snmpd.conf
sudo sh -c "echo 'rocommunity notpublic' > /etc/snmp/snmpd.conf"
echo "rocommunity notpublic 10.9.8.0/24" > /etc/snmp/snmpd.conf
systemctl restart snmpd.service
systemctl enable snmpd.service
Otherwise, for older versions of RedHat/CentOS, you can use these commands:
chkconfig snmpd on
Install the snmpd package:
apt-get install snmpd
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org
echo "rocommunity logicmonitor" > /etc/snmp/snmpd.conf
Make sure to substitute “logicmonitor” with the community string that you would like to use.
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -p /var/run/snmpd.pid'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'
iptables -A INPUT -p udp -s 10.1.1.10 --dport 161 -j ACCEPT
You need to replace “10.1.1.10” with the IP of your collector machine.
systemctl restart snmpd
systemctl enable snmpd
The following procedures below detail how to allow both SNMP and NTP access for Linux devices.
-A RH-Firewall-1-INPUT -p udp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 123 -j ACCEPT
service iptables restart
firewall-cmd --permanent --add-port=161/udp
firewall-cmd --permanent --add-service=ntp
firewall-cmd --permanent --list-all
In This Article