[Solution] How to Configure SNMP on Rhel (Redhat) or CentOS

Saifudheen SidheeqLatest Posts, Linux, NetworkingLeave a Comment

The other day I was working on adding some of the Redhat servers in production for monitoring. I also got the SNMP community string from the team who is managing the monitoring tools as well.

I even informed them I would configure the SNMP on the server in another 5mins :).
Do you know what happened when I logged into the server and went to edit the SNMP config file?

 /etc/snmp/snmpd.conf

It turns out that “snmpd.conf” file doesn’t exist, oh man…
I went ahead and checked on another server I had added earlier to the production, and the SNMP configs were present on that server.

Since the SNMP file doesn’t exist on the server, I concluded that the SNMP package not installed on my current RedHat server, and I decided to download and install them.
I made sure I have internet access on this box and I tried to download the SNMP package by running the command below, which would download all the required dependencies to run the SNMP service on the server.

However, I got the below error message. Which means I don’t have a Redhat subscription!

[[email protected] ~]# yum install -y net-snmp net-snmp-libs net-snmp-utils
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 To enable Red Hat Subscription Management repositories:
     subscription-manager repos --enable 
 To enable custom repositories:
     yum-config-manager --enable 

In this article, I am going to cover how to configure SNMP on the Redhat machine and troubleshooting steps when SNMP doesn’t work. That way you would have full visibility on your Redhat Linux server in production.

How to add Redhat subscription to the server?

Well, that can’t be happening, I already have Redhat subscription, and I shouldn’t be getting the above error message. Then when I went ahead and checked the Redhat subscription status by entering the commands below, I realized that I hadn’t added this server to the Redhat subscription.

[[email protected] ~]# cat /etc/sysconfig/rhn/systemid cat: /etc/sysconfig/rhn/systemid: No such file or directory 
[[email protected] ~] # sudo subscription-manager status
+-------------------------------------------+
   System Status Details
+-------------------------------------------+
Overall Status: Unknown

Since I haven’t added this server to the Redhat subscription, even though I had a subscription with Redhat, I went ahead and added the subscription by running the below command.

[[email protected] ~]# subscription-manager register --auto-attach
Registering to: subscription.rhsm.redhat.com:443/subscription
Username: your username
Password: your password
The system has been registered with ID: you will find your ID here
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status:       Subscribed

Let me check the Redhat subscription status now.

[[email protected] ~]# sudo subscription-manager status
+-------------------------------------------+
System Status Details
+-------------------------------------------+
Overall Status: Current

aha! some sigh of relief as I just added the Redhat server to the Redhat subscription now.
Note: Can you run this command while the server is in production?.
Of course, you can as it’s just attaching the subscription and won’t make any further changes on the server.

Why do we need SNMP?

The SNMP protocol is the best way to monitor Redhat / Centos servers or any other network hosts on the network.  With the help of the SNMP protocol, the monitoring tools can show you many device performance parameters. Such as CPU utilization based on each core, memory utilization, hard disk utilization, network interface utilization and so on.

Install and Configure SNMP on Redhat or CentOS Step by step

The below steps we are going to use is the same for both Redhat and CentOS. One great thing about CentOS is that you don’t need to have any sort of subscription as it’s community-based.

Step1. Installation of SNMP package.

  • After you have added the subscription to the Redhat server, you can go ahead and install the SNMP files by running the below command.
[[email protected] ~]# yum install -y net-snmp net-snmp-libs net-snmp-utils

Eventually, you would be able to see the below message saying that the SNMP package installation has completed.

Installed:
  net-snmp.x86_64 1:5.7.2-37.el7      net-snmp-utils.x86_64 1:5.7.2-37.el7
Updated:
  net-snmp-libs.x86_64 1:5.7.2-37.el7
Dependency Updated:
  net-snmp-agent-libs.x86_64 1:5.7.2-37.el7
Complete!
  • You can check the status of SNMP on the server by running the below command.

As you can see the SNMP status is inactive at the moment. even though we have installed the package, we are going to fix that soon.

[[email protected] ~]# service snmpd status
Redirecting to /bin/systemctl status snmpd.service
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
   Loaded: loaded (/usr/lib/systemd/system/snmpd.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

What if I have a test environment where I don’t have Redhat subscription?

If you are in the lab it’s very important that you enable ‘Remote Management for Linux’ during the Redhat OS installation. That way the server would enable the SNMP package before the installation and you would have the package ready to use. If not, you would need to attach the Redhat subscription to download the SNMP package to the system, which usually you may not have on lab servers. or you may need to find alternate ways to download and install the SNMP package on the Redhat server later on.

enable snmp on redhat servers during installation

Note: You can enable the same for CentOS as well, but it doesn’t matter as I can enable this once I have an internet connection without any subscription from Redhat.

Step2. SNMP configuration in Redhat and CentOS.

Now that you have SNMP service installed on both Redhat or Centos server, next you would have to add the server to the SNMP monitoring.
to do that, you need to change the SNMP community string under /etc/snmp/snmpd.conf

  • Let’s go ahead and edit the SNMP configuration file and add the string.
vi /etc/snmp/snmpd.conf
  • Goto the below line and edit the string ‘public’ which is the default to whatever the community string you may have received from the team.
com 2sec notConfigUser default public
SNMP configuration on RHEL, REDHAT or CENTOS
  • Once you added the string to the config, save the configuration and restart the SNMP service using the below command.
[[email protected] admin]# service snmpd restart
Redirecting to /bin/systemctl restart snmpd.service
[[email protected] admin]
  • SNMP service now restarted and it should be active now, you can check the status by the command
service snmpd status

Step3. Allow SNMP port on Linux firewall

Sometimes your monitoring team may say that SNMP still not working even after it has configured. The problem could be either the SNMP service is not running or the SNMP port 161 not allowed on the Redhat or CentOS Linux server firewall or iptables.

Note : firewalld is the firewall service on Redhat 7 and CentOS 7.
If you running an older version than that, it uses IPtables. To see which version you are running enter the command cat /etc/redhat-release

If the SNMP service is not running you can type service SNMP start or restart to activate the service.

  • Check the status of firewall service on Rhel 7 or Centos 7.
    For older version try service iptables status , basically replace firewalld with iptables.

by default firewall on the RedHat would be active, as you can see below.

[[email protected] ~]# service firewalld status
Redirecting to /bin/systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2019-07-09 21:51:15 IST; 18h left
     Docs: man:firewalld(1)
 Main PID: 922 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─922 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

There are two ways you can troubleshoot an issue with SNMP that doesn’t work.

  • First, you can stop the firewall service on Redhat by issuing the below command to test. This should allow SNMP port 161 and snmp starts to work.
service firewalld stop

Note: Stopping the firewall service is not a recommended solution in the production environments. Only do this when you are in a non-production environment.

  • Second, you can allow the SNMP port number 161 on the Redhat firewall.

To allow the SNMP port 161 on the Linux firewall you can type the below command to allow SNMP service on the system, that would enable the port as well.

[[email protected] ~]# firewall-cmd --add-service=snmp --permanent 
success
[[email protected] ~]#
  • And restart the firewall service.
[[email protected] ~]# service firewalld restart
Redirecting to /bin/systemctl restart firewalld.service
[[email protected] ~]# 

To Allow SNMP port on IPtables.

If you are using iptables instead of firewall you may enable the snmp port as below.

# iptables -I INPUT -p udp -m udp --dport 161 -j ACCEPT
# iptables -I INPUT -p udp -m udp --dport 162 -j ACCEPT

And save the config

# iptables-save > /etc/sysconfig/iptables

You are all set now to monitor the device, you can ask the team to check the connectivity and it should be good now.


Learn About This Author

Saifudheen Sidheeq

Saifudheen is in the Computer networking and technology field for about a decade now. He loves technology and new ideas, and in his spare time, he loves to write about them.