Sysdig Documentation

SNMP

Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions. The Sysdig agent can connect to network devices and collect metrics using SNMP.

This page describes the default configuration settings, how to edit the configuration to collect additional information, the metrics available for integration, and a sample result in the Sysdig Monitor UI.

SNMP Overview

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and configuring information about devices in the networks. The network devices include physical devices like switches, routers, servers etc.

SNMP has three primary versions ( SNMPv1, SNMPv2c and SNMPv3) and SNMPv2c is most widely used.

SNMP allows device vendors to expose management data in the form of variables on managed systems organized in a management information base (MIB), which describe the system status and configuration. The devices can be queried as well as configured remotely using these variables. Certain MIBs are generic and supported by the majority of the device vendors. Additionally, each vendor can have their own private/enterprise MIBs for vendor-specific information.

SNMP MIB is a collection of objects uniquely identified by an Object Identifier (OID). OIDs are represented in the form of x.0, where x is the name of object in the MIB definition.

For example, suppose one wanted to identify an instance of the variable sysDescr 

The object class for sysDescr is:             

iso org dod internet mgmt mib system sysDescr       
 1   3   6     1      2    1    1       1

Hence, the object type, x, would be 1.3.6.1.2.1.1.1 

SNMP Agent Configuration

To monitor the servers with the Sysdig agent, the SNMP agent must be installed on the servers to query the system information.

For Ubuntu-based servers, use the following commands to install the SNMP Daemon:

$sudo apt-get update
$sudo apt-get install snmpd

Next, configure this SNMP agent to respond to queries from the SNMP manager by updating the configuration file located at /etc/snmp/snmpd.conf

Below are the important fields that must be configured:

snmpd.conf

# Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161

## ACCESS CONTROL
## system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
view systemonly included .1.3.6.1.2.1.31.1
view systemonly included .1.3.6.1.2.1.2.2.1.1

# Default access to basic system info
rocommunity public default -V systemonly
# rocommunity6 is for IPv6
rocommunity6 public default -V systemonly

After making changes to the config file, restart the snmpd service using:

$sudo service snmpd restart

Sysdig Agent Configuration

Review how to Edit dragent.yaml to Integrate or Modify Application Checks.

Default Configuration

No default configuration is present for SNMP check.

  • You must specify the OID/MIB for every parameter you want to collect, as in the following example.

  • The OIDs configured in dragent.yaml are included in the snmpd.conf configuration under the 'ACCESS CONTROL' section

  • Ensure that the community_string is same as configured in the system configuration (rocommunity).

Warning

Remember! Never edit dragent.default.yaml directly; always edit only dragent.yaml.

Example

app_checks:
  - name: snmp
    pattern:
      comm: python
      arg: /opt/draios/bin/sdchecks
    interval: 30
    conf:
      mibs_folder: /usr/share/mibs/ietf/
      ip_address: 52.53.158.103
      port: 161
      community_string: public

      # Only required for snmp v1, will default to 2
      # snmp_version: 2 

      # Optional tags can be set with each metric
      tags:
         - vendor:EMC
         - array:VNX5300
         - location:front

      metrics:
        - OID: 1.3.6.1.2.1.25.2.3.1.5
          name: hrStorageSize
        - OID: 1.3.6.1.2.1.1.7
          name: sysServices
        - MIB: TCP-MIB
          symbol: tcpActiveOpens
        - MIB: UDP-MIB
          symbol: udpInDatagrams
        - MIB: IP-MIB
          table: ipSystemStatsTable
          symbols:
            - ipSystemStatsInReceives
          metric_tags:
            - tag: ipversion
              index: 1        # specify which index you want to read the tag value from
        - MIB: IF-MIB
          table: ifTable
          symbols:
            - ifInOctets
            - ifOutOctets
          metric_tags:
            - tag: interface
              column: ifDescr  # specify which column to read the tag value from

The Sysdig agent allows you to monitor the SNMP counters and gauge of your choice. For each device, specify the metrics that you want to monitor in the metrics subsection using one of the following methods:

  1. Specify a MIB and the symbol that you want to export

    metrics:
      - MIB: UDP-MIB
        symbol: udpInDatagrams
  2. Specify an OID and the name you want the metric to appear under in Sysdig Monitor:

    metrics:
      - OID: 1.3.6.1.2.1.6.5
        name: tcpActiveOpens
    #The name here is the one specified in the MIB but you could use any name.
  3. Specify an MIB and a table from which to extract information:

    metrics:
      - MIB: IF-MIB
        table: ifTable
        symbols:
          - ifInOctets
        metric_tags:
          - tag: interface
        column: ifDescr

Metrics Available

The SNMP check does not have default metrics. All metrics mentioned in dragent.yaml file will be seen with snmp.* prefix/

Result in the Monitor UI

373982509.png
373982502.png