Jump to content

How to change SNMP community name and move into protocol SNMPv3 [KSV Light Agent]


Recommended Posts

Antipova Anna

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

SNMP daemon on SVM should have the following default settings:

  • protocol version: v2c
  • rocommunity name: public
  • listening address and port: 0.0.0.0:161
  • access type: read only
  • transport: UDP
  • logging: syslog

The following statistics can be received from SVM:

#

Description

Name

Identifier

4.1

CPU Statistics UCD-SNMP-MIB::systemStats  

4.2

Memory Statistics UCD-SNMP-MIB::memory  

4.3

Load average statistics UCD-SNMP-MIB::laTable  

4.4

Disk statisitcs HOST-RESOURCES-MIB::hrStorageTable  

4.5

Network statistics IF-MIB::ifTable  

4.7

Amount of desktop VMs connected KSVLA-MIB::ksvlaProtectedDesktopCount 1.3.6.1.4.1.23668.1491.1539.1.1

4.8

Amount of server VMs connected KSVLA-MIB::ksvlaProtectedServerCount 1.3.6.1.4.1.23668.1491.1539.1.0

4.9

ODS running status:
- in progress (if all ODS Tasks are running)
- waiting (if at least one ODS task is waiting for processing)
- none (if no ODS tasks are running/waiting at all)

KSVLA-MIB::ksvlaODSStatus 1.3.6.1.4.1.23668.1491.1539.0.0

4.10

ODS queue lenght: amount of VMs awaiting ODS processing KSVLA-MIB::ksvlaODSQueueLenght 1.3.6.1.4.1.23668.1491.1539.0.1

4.11

Amount of simualtaneously running ODS tasks KSVLA-MIB::ksvlaODSTaskCount 1.3.6.1.4.1.23668.1491.1539.0.2

4.12

Current percent of an allowed physical memory consumption
- In case of watchdog is on use WDSERVER_MAX_MEM const
from ScanServerLaunch.sh as maximum 
- In case of watchdog is off use 100% as maximum
KSVLA-MIB::ksvlaMemoryConsumption 1.3.6.1.4.1.23668.1491.1539.3.0

4.13

Current percent of an allowed swap consumption
- In case of watchdog is on use WDSERVER_MAX_SWAP const 
from ScanServerLaunch.sh as maximum
- In case of watchdog is off use 100% as maximum 

 

KSVLA-MIB::ksvlaSwapConsumption

 

1.3.6.1.4.1.23668.1491.1539.3.1

4.14

Main processes state (running/stopped):

-- scan server daemon                                                                                                                                                                                 

KSVLA-MIB::ksvlaScanServerStatus                                                                                     

1.3.6.1.4.1.23668.1491.1539.2.0

-- klnagent daemon

KSVLA-MIB::ksvlaKlnagentStatus

1.3.6.1.4.1.23668.1491.1539.2.1

-- nginx daemon

KSVLA-MIB::ksvlaNginxStatus

1.3.6.1.4.1.23668.1491.1539.2.2

-- watchdog

KSVLA-MIB::ksvlaWatchdogStatus

1.3.6.1.4.1.23668.1491.1539.2.3

 

Change SNMP community name

  • Edit file /etc/snmnp/snmpd.conf
  • Change public into the string recommunity on your own
  • Save changes
  • Restart SNMP daemon - systemctl restart snmpd

Move on SNMPv3

  • Stop SNMP daemon - systemctl stop snmpd
  • Launch the command - net-snmp-config --create-snmpv3-user -ro -a "authpass" -x "privpass" -X AES -A SHA "user"
  1.            "authpass" is the private key/password for generating HMAC when connecting to snmpd, "privpass" is the private key/password for encrypting snmp traffic, "user" is the username for                snmpd. 
  2.            "authpass" and "privpass" we can say passwords, which should be generated by you own
  3.            "user" - user name for snmpd

           This command will make mpdifications into two files - /etc/snmp/snmpd.conf and /var/lib/net-snmp/snmpd.conf

  • Restart SVM
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...