This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    SNMP

    Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions. The Sysdig agent can connect to network devices and collect metrics using SNMP.

    This page describes the default configuration settings, how to edit the configuration to collect additional information, the metrics available for integration, and a sample result in the Sysdig Monitor UI.

    SNMP Overview

    Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and configuring information about devices in the networks. The network devices include physical devices like switches, routers, servers etc.

    SNMP has three primary versions ( SNMPv1, SNMPv2c and SNMPv3) and SNMPv2c is most widely used.

    SNMP allows device vendors to expose management data in the form of variables on managed systems organized in a management information base (MIB), which describe the system status and configuration. The devices can be queried as well as configured remotely using these variables. Certain MIBs are generic and supported by the majority of the device vendors. Additionally, each vendor can have their own private/enterprise MIBs for vendor-specific information.

    SNMP MIB is a collection of objects uniquely identified by an Object Identifier (OID). OIDs are represented in the form of x.0, where x is the name of object in the MIB definition.

    For example, suppose one wanted to identify an instance of the variable sysDescr
    
    The object class for sysDescr is:
    
    iso org dod internet mgmt mib system sysDescr
     1   3   6     1      2    1    1       1
    
    Hence, the object type, x, would be 1.3.6.1.2.1.1.1
    

    SNMP Agent Configuration

    To monitor the servers with the Sysdig agent, the SNMP agent must be installed on the servers to query the system information.

    For Ubuntu-based servers, use the following commands to install the SNMP Daemon:

    $sudo apt-get update
    $sudo apt-get install snmpd
    

    Next, configure this SNMP agent to respond to queries from the SNMP manager by updating the configuration file located at /etc/snmp/snmpd.conf

    Below are the important fields that must be configured:

    snmpd.conf

    # Listen for connections on all interfaces (both IPv4 *and* IPv6)
    agentAddress udp:161,udp6:[::1]:161
    
    ## ACCESS CONTROL
    ## system + hrSystem groups only
    view systemonly included .1.3.6.1.2.1.1
    view systemonly included .1.3.6.1.2.1.25.1
    view systemonly included .1.3.6.1.2.1.31.1
    view systemonly included .1.3.6.1.2.1.2.2.1.1
    
    # Default access to basic system info
    rocommunity public default -V systemonly
    # rocommunity6 is for IPv6
    rocommunity6 public default -V systemonly
    

    After making changes to the config file, restart the snmpd service using:

    $sudo service snmpd restart
    

    Sysdig Agent Configuration

    Review how to Edit dragent.yaml to Integrate or Modify Application Checks.

    Default Configuration

    No default configuration is present for SNMP check.

    • You must specify the OID/MIB for every parameter you want to collect, as in the following example.

    • The OIDs configured in dragent.yaml are included in the snmpd.conf configuration under the ‘ACCESS CONTROL’ section

    • Ensure that the community_string is same as configured in the system configuration (rocommunity).

    Remember! Never edit dragent.default.yaml directly; always edit only dragent.yaml.

    Example

    app_checks:
      - name: snmp
        pattern:
          comm: python
          arg: /opt/draios/bin/sdchecks
        interval: 30
        conf:
          mibs_folder: /usr/share/mibs/ietf/
          ip_address: 52.53.158.103
          port: 161
          community_string: public
    
          # Only required for snmp v1, will default to 2
          # snmp_version: 2
    
          # Optional tags can be set with each metric
          tags:
             - vendor:EMC
             - array:VNX5300
             - location:front
    
          metrics:
            - OID: 1.3.6.1.2.1.25.2.3.1.5
              name: hrStorageSize
            - OID: 1.3.6.1.2.1.1.7
              name: sysServices
            - MIB: TCP-MIB
              symbol: tcpActiveOpens
            - MIB: UDP-MIB
              symbol: udpInDatagrams
            - MIB: IP-MIB
              table: ipSystemStatsTable
              symbols:
                - ipSystemStatsInReceives
              metric_tags:
                - tag: ipversion
                  index: 1        # specify which index you want to read the tag value from
            - MIB: IF-MIB
              table: ifTable
              symbols:
                - ifInOctets
                - ifOutOctets
              metric_tags:
                - tag: interface
                  column: ifDescr  # specify which column to read the tag value from
    

    The Sysdig agent allows you to monitor the SNMP counters and gauge of your choice. For each device, specify the metrics that you want to monitor in the metrics subsection using one of the following methods:

    1. Specify a MIB and the symbol that you want to export

      metrics:
        - MIB: UDP-MIB
          symbol: udpInDatagrams
      
    2. Specify an OID and the name you want the metric to appear under in Sysdig Monitor:

      metrics:
        - OID: 1.3.6.1.2.1.6.5
          name: tcpActiveOpens
      #The name here is the one specified in the MIB but you could use any name.
      
    3. Specify an MIB and a table from which to extract information:

      metrics:
        - MIB: IF-MIB
          table: ifTable
          symbols:
            - ifInOctets
          metric_tags:
            - tag: interface
          column: ifDescr
      

    Metrics Available

    The SNMP check does not have default metrics. All metrics mentioned in dragent.yaml file will be seen with snmp.* prefix/

    Result in the Monitor UI