The other day I was working on adding some of the Redhat servers in production for monitoring. I also got the SNMP community string from the team who is managing the monitoring tools as well.
I even informed them I would configure the SNMP on the server in another 5mins :).
Do you know what happened when I logged into the server and went to edit the SNMP config file?
It turns out that “snmpd.conf” file doesn’t exist, oh man…
I went ahead and checked on another server I had added earlier to the production, and the SNMP configs were present on that server.
Since the SNMP file doesn’t exist on the server, I concluded that the SNMP package not installed on my current RedHat server, and I decided to download and install them.
I made sure I have internet access on this box and I tried to download the SNMP package by running the command below, which would download all the required dependencies to run the SNMP service on the server.
However, I got the below error message. Which means I don’t have a Redhat subscription!
[[email protected] ~]# yum install -y net-snmp net-snmp-libs net-snmp-utils Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is not registered with an entitlement server. You can use subscription-manager to register. There are no enabled repos. Run "yum repolist all" to see the repos you have. To enable Red Hat Subscription Management repositories: subscription-manager repos --enable To enable custom repositories: yum-config-manager --enable
In this article, I am going to cover how to configure SNMP on the Redhat machine and troubleshooting steps when SNMP doesn’t work. That way you would have full visibility on your Redhat Linux server in production.
How to add Redhat subscription to the server?
Well, that can’t be happening, I already have Redhat subscription, and I shouldn’t be getting the above error message. Then when I went ahead and checked the Redhat subscription status by entering the commands below, I realized that I hadn’t added this server to the Redhat subscription.
[[email protected] ~]# cat /etc/sysconfig/rhn/systemid cat: /etc/sysconfig/rhn/systemid: No such file or directory [[email protected] ~] # sudo subscription-manager status +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Unknown
Since I haven’t added this server to the Redhat subscription, even though I had a subscription with Redhat, I went ahead and added the subscription by running the below command.
[[email protected] ~]# subscription-manager register --auto-attach Registering to: subscription.rhsm.redhat.com:443/subscription Username: your username Password: your password The system has been registered with ID: you will find your ID here Installed Product Current Status: Product Name: Red Hat Enterprise Linux Server Status: Subscribed
Let me check the Redhat subscription status now.
[[email protected] ~]# sudo subscription-manager status +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Current
aha! some sigh of relief as I just added the Redhat server to the Redhat subscription now.
Note: Can you run this command while the server is in production?.
Of course, you can as it’s just attaching the subscription and won’t make any further changes on the server.
Why do we need SNMP?
The SNMP protocol is the best way to monitor Redhat / Centos servers or any other network hosts on the network. With the help of the SNMP protocol, the monitoring tools can show you many device performance parameters. Such as CPU utilization based on each core, memory utilization, hard disk utilization, network interface utilization and so on.
Install and Configure SNMP on Redhat or CentOS Step by step
The below steps we are going to use is the same for both Redhat and CentOS. One great thing about CentOS is that you don’t need to have any sort of subscription as it’s community-based.
Step1. Installation of SNMP package.
- After you have added the subscription to the Redhat server, you can go ahead and install the SNMP files by running the below command.
[[email protected] ~]# yum install -y net-snmp net-snmp-libs net-snmp-utils
Eventually, you would be able to see the below message saying that the SNMP package installation has completed.
Installed: net-snmp.x86_64 1:5.7.2-37.el7 net-snmp-utils.x86_64 1:5.7.2-37.el7 Updated: net-snmp-libs.x86_64 1:5.7.2-37.el7 Dependency Updated: net-snmp-agent-libs.x86_64 1:5.7.2-37.el7 Complete!
- You can check the status of SNMP on the server by running the below command.
As you can see the SNMP status is inactive at the moment. even though we have installed the package, we are going to fix that soon.
[[email protected] ~]# service snmpd status Redirecting to /bin/systemctl status snmpd.service ● snmpd.service - Simple Network Management Protocol (SNMP) Daemon. Loaded: loaded (/usr/lib/systemd/system/snmpd.service; disabled; vendor preset: disabled) Active: inactive (dead)
What if I have a test environment where I don’t have Redhat subscription?
If you are in the lab it’s very important that you enable ‘Remote Management for Linux’ during the Redhat OS installation. That way the server would enable the SNMP package before the installation and you would have the package ready to use. If not, you would need to attach the Redhat subscription to download the SNMP package to the system, which usually you may not have on lab servers. or you may need to find alternate ways to download and install the SNMP package on the Redhat server later on.
Note: You can enable the same for CentOS as well, but it doesn’t matter as I can enable this once I have an internet connection without any subscription from Redhat.
Step2. SNMP configuration in Redhat and CentOS.
Now that you have SNMP service installed on both Redhat or Centos server, next you would have to add the server to the SNMP monitoring.
to do that, you need to change the SNMP community string under
- Let’s go ahead and edit the SNMP configuration file and add the string.
- Goto the below line and edit the string ‘public’ which is the default to whatever the community string you may have received from the team.
com 2sec notConfigUser default public
- Once you added the string to the config, save the configuration and restart the SNMP service using the below command.
[[email protected] admin]# service snmpd restart Redirecting to /bin/systemctl restart snmpd.service [[email protected] admin]
- SNMP service now restarted and it should be active now, you can check the status by the command
service snmpd status
Step3. Allow SNMP port on Linux firewall
Sometimes your monitoring team may say that SNMP still not working even after it has configured. The problem could be either the SNMP service is not running or the SNMP port 161 not allowed on the Redhat or CentOS Linux server firewall or iptables.
Note : firewalld is the firewall service on Redhat 7 and CentOS 7.
If you running an older version than that, it uses IPtables. To see which version you are running enter the command
If the SNMP service is not running you can type service SNMP start or restart to activate the service.
- Check the status of firewall service on Rhel 7 or Centos 7.
For older version try
service iptables status, basically replace firewalld with iptables.
by default firewall on the RedHat would be active, as you can see below.
[[email protected] ~]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2019-07-09 21:51:15 IST; 18h left Docs: man:firewalld(1) Main PID: 922 (firewalld) CGroup: /system.slice/firewalld.service └─922 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
There are two ways you can troubleshoot an issue with SNMP that doesn’t work.
- First, you can stop the firewall service on Redhat by issuing the below command to test. This should allow SNMP port 161 and snmp starts to work.
service firewalld stop
Note: Stopping the firewall service is not a recommended solution in the production environments. Only do this when you are in a non-production environment.
- Second, you can allow the SNMP port number 161 on the Redhat firewall.
To allow the SNMP port 161 on the Linux firewall you can type the below command to allow SNMP service on the system, that would enable the port as well.
[[email protected] ~]# firewall-cmd --add-service=snmp --permanent success [[email protected] ~]#
- And restart the firewall service.
[[email protected] ~]# service firewalld restart Redirecting to /bin/systemctl restart firewalld.service [[email protected] ~]#
To Allow SNMP port on IPtables.
If you are using iptables instead of firewall you may enable the snmp port as below.
# iptables -I INPUT -p udp -m udp --dport 161 -j ACCEPT # iptables -I INPUT -p udp -m udp --dport 162 -j ACCEPT
And save the config
# iptables-save > /etc/sysconfig/iptables
You are all set now to monitor the device, you can ask the team to check the connectivity and it should be good now.