Configure SNMP for Orion agents on Linux/Unix systems
As described in Poll devices with SolarWinds Orion agents, the Orion Platform uses agents to provide a communication channel between the Orion server and Linux/Unix systems for many purposes, such as:
- Polling interface data for Node Details view widgets
- Hardware health monitoring in NPM, SAM, and VMAN
- Polling by the SNMP component monitor
- Asset Inventory monitoring in SAM
Click here for a list of Linux/Unix systems that support the Orion agents for Linux and AIX. See Configure Linux/Unix systems for the Orion agent for Linux in the SAM Application Monitor Template Reference for additional details about specific environments such as Apache, Tomcat, and JMX.
Depending on your Network Discovery settings, SAM can automatically configure SNMP on Linux/Unix systems when Discovery detects new or updated nodes. You can also click List Resources in the Management widget on the Node Details view to trigger auto-configuration.
During auto-configuration, the Orion Platform performs the following tasks:
- Checks for an SNMP daemon on the target system.
- Configures the snmpd service to start automatically after the system reboots.
- Checks the
snmpd.conffile for an agent-owned community string. If no string exists, a randomly generated SNMP v2 community string is added and SNMP restarts.
### BEGIN SolarWinds Agent SNMP auto config rocommunity 36343901-D61F-4C72-B860-A8E18DD892E4 localhost ### END SolarWinds Agent SNMP auto config
To support agent configuration, you may need to install SNMP daemons on Linux/Unix systems (as described next) or enable SNMP daemons on AIX systems. If an agent detects existing SNMP community strings for SNMP v3, it won't modify the configuration automatically. Instead, you'll need to provide SNMP credentials manually at the node level to allow access. See Configure SNMP v3 on Linux/Unix systems.
As mentioned earlier, Orion agents configure SNMP automatically for Linux/Unix systems that host SNMP daemons. If you need to install the SNMP daemon, use one of the following commands based on the Linux/Unix distribution type.
- For Ubuntu:
sudo apt-get -y install snmpd
- For Red Hat/CentOS:
yum -y install net-snmp
- For SUSE:
zypper -y install net-snmp
If a SNMP daemon is not installed, SNMP cannot be configured.
Orion Agent auto-configuration is not currently supported on AIX systems, so you'll need to update the configuration manually.
AIX does not support polling SNMP v3 in encrypted mode.
To enable the SNMP daemon, update the configuration file in /etc/snmpdv3.conf which configures snmpv1, v2c, and v3 access, as shown in the following example:
# Two snmpv1 community strings: public commstr1
VACM_GROUP group1 SNMPv1 public -
VACM_GROUP group1 SNMPv1 commstr1 -
VACM_VIEW group1view internet - included -
VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 group1view - - -
COMMUNITY public public noAuthNoPriv 0.0.0.0 0.0.0.0 -
COMMUNITY commstr1 commstr1 noAuthNoPriv 0.0.0.0 0.0.0.0 -
# snmpv2c community string: swiagent
VACM_GROUP group2 SNMPv2c swiagent -
VACM_VIEW group2view internet - included -
VACM_ACCESS group2 - - noAuthNoPriv SNMPv2c group2view - - -
COMMUNITY swiagent swiagent - 0.0.0.0 0.0.0.0 -
COMMUNITY public public - 0.0.0.0 0.0.0.0 -
# snmpv3 user with no authorization: user1
USM_USER user1 - none - - - - -
VACM_GROUP group4 USM user1 -
VACM_VIEW group4view internet - included -
VACM_ACCESS group4 - - noAuthNoPriv USM group4view - - -
DEFAULT_SECURITY no-access - -
logging file=/usr/tmp/snmpdv3.log enabled
logging size=100000 level=3
Test the SNMP configuration
To test the configuration for SNMP v1 requests, use
To test v2c and v3 requests, use
clsnmp for v2c and v3 requests and configure
/etc/clsnmp.conf, as shown in this example that matches the previous example.
v2cstring localhost snmpv2c
v3user_noauth localhost snmpv3 user1 - - - - - - -
Orion agents support both SNMP v2 and v3. However, if an agent detects that SNMP v3 is already configured, it won't modify the existing configuration automatically. Instead, you'll need to provide SNMP credentials manually at the node level to allow access.
Wait until agents are deployed to test credentials. To check agent status, click Settings > All Settings > Manage Agents.
Add SNMP credentials
To add SNMP credentials to a new node being added to the Orion Platform:
- Click Settings > Manage Nodes > Add Node.
- Select Windows & Unix/Linux Servers: Agent as the Polling Method.
- Provide node credentials and enable the Include SNMP Credentials option.
- Follow on-screen instructions to complete the Add Node wizard.
To add SNMP credentials to an existing node, click Edit Node on the Node Details view.
After the agent is deployed, click Edit Node on the Node Details view to test credentials. Make sure the Include SNMP Credentials option is enabled, review credentials, and click Test.
To encrypt SNMP credentials, install a common Python extension,
pycrypto, on the target machine, as shown in this example:
PyCrypto installation on ubuntu apt-get install python-pip pip install pycrypto
The Orion agent for AIX does not support polling SNMP v3 in encrypted mode.