Topics: Monitoring, Networking, Red Hat / Linux

Securely enabling SNMP on Red Hat

Monitoring tools often use SNMP to query another system's information and status. For that to work on a Red Hat Enterprise Linux system, that system will have to have SNMP configured. And to allow a remote (monitoring) system to query SNMP information of a Red Hat Enterprise Linux system, one has to complete the following 3 items:

  • Set up SNMP.
  • Configure SNMP to use a non-public community name.
  • Allow access through the firewall, if configured.
For the configuration of SNMP, you'll need to install the following 2 packages:
# yum -y install net-snmp net-snmp-utils
Next, start and enable (at boot time) the SNMP daemon to run on the system:
# systemctl enable snmpd
# systemctl start snmpd
Now you can test whether you can query SNMP information locally on the system, by using the snmpwalk command:
# snmpwalk -v2c -c public localhost | head -5
The community string used above ("public") is a well-known SNMP community string, and it can be (and probably is) used by hackers or other unfriendly people to obtain information about the system remotely. It is therefore best practice to change the public community name to something different, preferably something that can't be guessed very easily. For the sake of this tutorial, we'll change it to "kermit".

Basically, you'll have to update this line in /etc/snmp/snmpd.conf from "public" to "kermit":

Before:
com2sec notConfigUser  default       public
After:
com2sec notConfigUser  default       kermit
Then, restart the SNMP daemon, so it picks up the changes to the configuration file /etc/snmp/snmpd.conf:
# systemctl restart snmpd
Now test again with the snmpwalk command but this time by using the "kermit" community name:
# snmpwalk -v2c -c kermit localhost
That should give you quite a bit of output. If it doesn't, you've made a mistake, and you'll have to re-trace your steps.

The final step is to allow remote access. That will be needed if a remote system is being used to monitor the server, for example by a tool like SolarWinds. By default, remote access will be blocked by the firewall daemon on the system. To allow remote access, open up UDP port 161 on the system that is being monitored:
# firewall-cmd --zone=public --add-port=161/udp --permanent
# firewall-cmd --reload
Now log in to a remote system and run a similar snmpwalk command, but this time, specify the hostname of the server that you're querying (instead of "localhost"). For example, if the name of the host is "myserver", run:
# snmpwalk -v2c -c kermit myserver
And that's it. You can now remotely monitor a Linux server using SNMP, and you've secured it by changing the community name.
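
As an added example (not part of the original article), the following shell function audits the com2sec, rocommunity and rwcommunity lines of an snmpd.conf for well-known community names and for the "default" source, which matches any host. The sample configuration is constructed, and 192.0.2.10 is a placeholder for the address of the monitoring system.

```shell
#!/bin/sh
# Added example, not from the original article.
# Flags guessable community names and unrestricted sources in snmpd.conf.

audit_snmpd_conf() {
    # Prints one finding per line: "<line number>: <problem>: <directive>"
    awk '
    function check(src, comm) {
        if (comm == "public" || comm == "private")
            printf "%d: well-known community \"%s\": %s\n", NR, comm, $0
        if (src == "default" || src == "0.0.0.0/0")
            printf "%d: any source may query: %s\n", NR, $0
    }
    /^[[:space:]]*#/ || NF == 0 { next }        # skip comments and blank lines
    $1 == "com2sec" || $1 == "com2sec6" {
        i = 2
        if ($i == "-Cn") i += 2                 # skip optional "-Cn CONTEXT"
        check($(i + 1), $(i + 2))               # fields: SECNAME SOURCE COMMUNITY
    }
    $1 == "rocommunity" || $1 == "rwcommunity" {
        # rocommunity COMMUNITY [SOURCE ...]; no SOURCE means any host
        check((NF >= 3) ? $3 : "default", $2)
    }' "$1"
}

# Constructed sample: the stock line, the line from this tutorial, and a
# variant restricted to a single (placeholder) monitoring host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real configuration
com2sec notConfigUser  default       public
com2sec notConfigUser  default       kermit
com2sec notConfigUser  192.0.2.10    kermit
EOF
audit_snmpd_conf "$sample"
rm -f "$sample"
```

On a real system, run audit_snmpd_conf /etc/snmp/snmpd.conf. Replacing "default" in the com2sec line with the address of the monitoring system clears the finding that remains after the community name has been changed.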


