A protocol for monitoring network traffic.

PREREQUISITES: source packages

INSTALLS: SNMP configuration for MRTG support.

last updated: June 2005

compile snmp:

cd /usr/src
wget http://unc.dl.sourceforge.net/sourceforge/net-snmp/net-snmp-5.2.1.tar.gz
# wget http://hostinghacks.net/dist/net-snmp-5.2.1.tar.gz

tar -zxf net-snmp-5.2.1.tar.gz
cd /usr/src/net-snmp-5.2.1

./configure \
    --prefix=/usr \
	--datadir=/etc \
	--localstatedir=/var \
	--enable-shared \
	--enable-static \
	--with-libwrap \
	--with-defaults \
	--with-perl-modules \
	--without-rpm \
	--disable-debugging \
	--with-mib-modules=host

make &&
make install

find /etc/snmp -type f -exec chmod 644 {} \; 1>/dev/null 2>/dev/null
find /etc/snmp -type d -exec chmod 755 {} \; 1>/dev/null 2>/dev/null

touch /var/log/snmpd.log

set /etc/snmp/snmpd.conf:

echo "rocommunity moonshine199" >> /etc/snmp/snmpd.conf

manually start the snmpd daemon:

snmpd -a -d -V -c /etc/snmp/snmpd.conf

run the 'snmpwalk' test:

snmpwalk -v 1 -OS -c moonshine199 localhost system

snmpwalk -v 1 -OS -c moonshine199 localhost interfaces.ifTable.ifEntry.ifDescr

snmpd init script:

cat > /etc/rc.d/rc.snmpd << "EOF"
#!/bin/sh
# Start/stop/restart a daemon.
#
program_start() {
  if [ -x /usr/sbin/snmpd ]; then
    echo -n "Starting snmpd daemon:  "
    /usr/sbin/snmpd -a -d -V -c /etc/snmp/snmpd.conf
  fi
}

program_stop() {
  echo "Stopping snmpd daemon:  "
  killall snmpd 2> /dev/null
}

# no need to adjust anything below:

program_restart() {
  program_stop
  sleep 1
  program_start
}

case "$1" in
'start')
  program_start
  ;;
'stop')
  program_stop
  ;;
'restart')
  program_restart
  ;;
*)
  echo "usage $0 start|stop|restart"
esac

EOF


chmod 755 /etc/rc.d/rc.snmpd
echo "/etc/rc.d/rc.snmpd start" >> /etc/rc.d/rc.local

/etc/rc.d/rc.snmpd start

Necessary MIB definitions:

mkdir -p /usr/share/snmp/mibs
cp /etc/snmp/mibs/UCD-SNMP-MIB.txt /usr/share/snmp/mibs/
cp /etc/snmp/mibs/TCP-MIB.txt /usr/share/snmp/mibs/

Configure logrotate | (note: the snmpd daemon will over write rather than append to /var/log/snmpd.log after a restart)

cat > /etc/logrotate.d/snmpd << "EOF"
/var/log/snmpd.log {
    missingok
    create 0644
    postrotate
        /etc/rc.d/rc.snmpd restart  2> /dev/null || true
    endscript
}
EOF

chmod 644 /etc/logrotate.d/snmpd

watch snmpd log files:

cat > /etc/cron.weekly/watch.snmpd << "EOF"
#! /bin/sh
tail -100 /var/log/snmpd.log | mail -s "snmpd log" servadmin@localhost

EOF

chmod +x /etc/cron.weekly/watch.snmpd
/etc/cron.weekly/watch.snmpd

manually starting the snmp daemon:

snmpd -a -d -V $DEBUGFLAG

snmpconf -g basic_setup

net-snmp-config --configure-options

snmpd -Lf /var/log/snmpd.log

snmpd -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf -Ls d 

root@devel:~# netstat -a | grep snm
udp        0      0 *:snmp                  *:*

some kind of fancy logging to screen here:
snmpd -D -d -V -f -r -x localhost

Usage:
  net-snmp-config [--cflags] [--agent-libs] [--libs] [--version]
                  ... [see below for complete flag list]

    --version         displays the net-snmp version number
    --indent-options  displays the indent options from the Coding Style
    --debug-tokens    displays a example command line to search to source
                      code for a list of available debug tokens

  SNMP Setup commands:

    --create-snmpv3-user [-ro] [-a authpass] [-x privpass] [-X DES]
                         [-A MD5|SHA] [username]

  These options produce the various compilation flags needed when
  building external SNMP applications:

    --base-cflags     lists additional compilation flags needed
    --cflags          lists additional compilation flags needed
                      (includes -I. and extra developer warning flags)

  These options produce the various link flags needed when
  building external SNMP applications:

    --libs            lists libraries needed for building applications
    --agent-libs      lists libraries needed for building subagents

  These options produce various link flags broken down into parts.
  (Most of the time the simple options above should be used.)

    --libdir              path to netsnmp libraries

    --base-agent-libs     netsnmp specific agent libraries

    --netsnmp-libs        netsnmp specific libraries (with path)
    --netsnmp-agent-libs  netsnmp specific agent libraries (with path)

    --ldflags             link flags for external libraries
    --external-libs       external libraries needed by netsnmp libs
    --external-agent-libs external libraries needed by netsnmp agent libs

  These options produce various link flags used when linking an
  external application against an uninstalled build directory.

    --build-includes      include path to build/source includes
    --build-lib-dirs      link path to libraries
    --build-lib-deps      path to libraries for dependency target

  Automatted subagent building (produces an OUTPUTNAME binary file):
  [this feature has not been tested very well yet.  use at your risk.]

    --compile-subagent OUTPUTNAME [--norm] [--cflags flags]
                                  [--ldflags flags] mibmodule1.c [...]]

         --norm           leave the generated .c file around to read.
         --cflags flags   extra cflags to use (e.g. -I...).
         --ldflags flags  extra ld flags to use (e.g. -L... -l...).

  Details on how the net-nsmp package was compiled:

    --configure-options   Display original configure arguments
    --snmpd-module-list   Display the modules compiled into the agent
    --prefix              Display the installation prefix

alternate method to graph cpu and memory usage:

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.10.1.5.1
UCD-SNMP-MIB::laLoadInt.1 = INTEGER: 0

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.10.1.5.2
UCD-SNMP-MIB::laLoadInt.2 = INTEGER: 0

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.10.1.5.3
UCD-SNMP-MIB::laLoadInt.3 = INTEGER: 0

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.4.3.0
UCD-SNMP-MIB::memTotalSwap.0 = INTEGER: 1024120

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.4.4.0
UCD-SNMP-MIB::memAvailSwap.0 = INTEGER: 1012492

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.4.5.0
UCD-SNMP-MIB::memTotalReal.0 = INTEGER: 223156

$ snmpget -v 1 -c private localhost .1.3.6.1.4.1.2021.4.6.0
UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 7992

---------------------------------------------------------
            Net-SNMP configuration summary:
---------------------------------------------------------

  SNMP Versions Supported:    1 2c 3
  Net-SNMP Version:           5.2.1
  Building for:               linux
  Network transport support:  Callback Unix TCP UDP
  SNMPv3 Security Modules:    usm
  Agent MIB code:             mibII ucd_snmp snmpv3mibs 
  notification target agent_mibs agentx utilities host
  SNMP Perl modules:          building -- not embeddable
  Embedded perl support:      disabled
  Authentication support:     MD5 SHA1
  Encryption support:         DES AES

---------------------------------------------------------