-
Notifications
You must be signed in to change notification settings - Fork 138
Configuring SNMP access
If you doing to configure monitoring on the other box than where module is installed (which is usual), then you will need to manually put IPT-NETFLOW-MIB.my into /usr/share/snmp/mibs/ (system wide configuration) or ~/.snmp/mibs/ (user configuration). It's useful to read man snmp.conf to learn about snmp utils defaults. man snmpd.conf to read details of mentioned config options.
In /etc/snmp/snmpd.conf:
rocommunity private 192.168.0.10
dlmod netflow /usr/lib/snmp/dlmod/snmp_NETFLOW.so
Replace private with your password, and 192.168.0.10 with IP address of your monitoring station (Cacti, etc).
- Pros: 1) very simple, 2) also full view to Linux MIB.
- Cons: 1) It's SNMP v1 and v2c, which is considered to be not so secure by modern standards.
Client config is not required, as you can specify parameters in command line, or in config of your monitoring system, but maybe useful. Add into ~/.snmp/snmp.conf:
defVersion 2c
defCommunity private
mibs +IPT-NETFLOW-MIB
Replace private with your password, and check file permissions to be sure that file is not world readable.
In /etc/snmp/snmpd.conf just:
dlmod netflow /usr/lib/snmp/dlmod/snmp_NETFLOW.so
Stop snmpd and run net-snmp-create-v3-user -ro tool to create SNMPv3 user, it will add appropriate configuration lines into /etc/snmp/snmpd.conf (rouser) and /var/lib/net-snmp/snmpd.conf (createUser), restart snmpd.
Optionally, add into ~/.snmp/snmp.conf:
defVersion 3
defSecurityLevel authPriv
defSecurityName yourusername
defPassphrase yourpassword
mibs +IPT-NETFLOW-MIB