SNMP Agent Configuration
If SNMP is the preferred way to monitor devices, net-snmp can be configured using the eranger-snmp-agent RPM package.
This package will:
- install net-snmp as a dependency
- move existing configuration files in /etc/snmp and /var/lib/net-snmp to *.bak
- add configuration files to /etc/snmp and /var/lib/net-snmp
- create SNMP v3 user skoor-snmp-template as a template for the final user
- create SNMP v3 user skoor-snmp-admin as administrator to create the final user and password
- add measurement scripts to /opt/eranger/bin/
  - snmp-top10-procs.sh
  - snmp-mailq.sh
- add a script to configure SNMP extensions to /opt/eranger/bin
  - update-skoor-snmp-extensions.sh
- configure all scripts in /opt/eranger/bin with “snmp-” prefix as SNMP extensions (custom scripts may be added)
- configure firewalld to open SNMP ports
SNMP v3 Job templates
For details regarding templates, custom properties, execute jobs or SNMP jobs please visit the respective pages in this guide.
Custom properties
Add the following custom properties of type Password in the SKOOR admin section and add them to the SNMP User Setup job below:
Name | Read only flag (admin section) |
---|---|
SNMP Admin Auth Passphrase | x |
SNMP Admin Priv Passphrase | x |
SNMP Template Auth Passphrase | x |
SNMP Template Priv Passphrase | x |
SNMP User Auth Passphrase | |
SNMP User Priv Passphrase | |
SNMP User Setup
First, a job template should be created to configure the SNMP measurement user skoor-snmp on the monitored systems. This job must be configured with SKOOR default passwords and an individual secure password and key for measurements. Default users and passwords are deleted on the monitored devices when this job is run.
Define a job of type Execute with the interval set to No repetition:
Change job parameters to Inline script:
Copy and paste the following script into the Inline Script field:
```sh
. /opt/eranger/collector/eranger_exec_values.sh

ADMIN_AUTH=$PID_<your id>$
ADMIN_PRIV=$PID_<your id>$
TEMPLATE_AUTH=$PID_<your id>$
TEMPLATE_PRIV=$PID_<your id>$
USER_AUTH=$PID_<your id>$
USER_PRIV=$PID_<your id>$

# Create skoor-snmp user
# -A SNMP Admin Auth Pass, -X SNMP Admin Priv Pass
snmpusm -v 3 -u skoor-snmp-admin -l authPriv -a SHA -A "$ADMIN_AUTH" -x AES -X "$ADMIN_PRIV" $DEVICE_ADDRESS$ create skoor-snmp skoor-snmp-template || exit $?

# Change auth passphrase of skoor-snmp user
# -A SNMP Admin Auth Pass, -X SNMP Admin Priv Pass, -Ca passwd SNMP Template Auth Pass SNMP User Auth Pass
snmpusm -v 3 -u skoor-snmp-admin -l authPriv -a SHA -A "$ADMIN_AUTH" -x AES -X "$ADMIN_PRIV" $DEVICE_ADDRESS$ -Ca passwd "$TEMPLATE_AUTH" "$USER_AUTH" skoor-snmp || exit $?

# Change priv passphrase of skoor-snmp user
# -A SNMP Admin Auth Pass, -X SNMP Admin Priv Pass, -Cx passwd SNMP Template Priv Pass SNMP User Priv Pass
snmpusm -v 3 -u skoor-snmp-admin -l authPriv -a SHA -A "$ADMIN_AUTH" -x AES -X "$ADMIN_PRIV" $DEVICE_ADDRESS$ -Cx passwd "$TEMPLATE_PRIV" "$USER_PRIV" skoor-snmp || exit $?

# Delete skoor-snmp-template user
# -A SNMP Admin Auth Pass, -X SNMP Admin Priv Pass
snmpusm -v 3 -u skoor-snmp-admin -l authPriv -a SHA -A "$ADMIN_AUTH" -x AES -X "$ADMIN_PRIV" $DEVICE_ADDRESS$ delete skoor-snmp-template || exit $?

# Delete skoor-snmp-admin user
# -A SNMP Admin Auth Pass, -X SNMP Admin Priv Pass
snmpusm -v 3 -u skoor-snmp-admin -l authPriv -a SHA -A "$ADMIN_AUTH" -x AES -X "$ADMIN_PRIV" $DEVICE_ADDRESS$ delete skoor-snmp-admin || exit $?
```
Add the custom properties described above to the job and set the appropriate values:
Name | Value |
---|---|
SNMP Admin Auth Passphrase | 7HmJt31u4VULnyREwhYF |
SNMP Admin Priv Passphrase | 1GgqiO40LKuC2VdygkSu |
SNMP Template Auth Passphrase | hTKzsLdcQpN3Iv4YaTeL |
SNMP Template Priv Passphrase | u2G5iGqyQAnW9g2E29rK |
SNMP User Auth Passphrase | Define a secure password used by all measurements |
SNMP User Priv Passphrase | Define a secure key used by all measurements |
Change the variables in the first section of the script to the appropriate custom property ids (PIDs). PIDs can be found by hovering over the custom property names.

```sh
ADMIN_AUTH=$PID_123$
ADMIN_PRIV=$PID_<your id>$
TEMPLATE_AUTH=$PID_<your id>$
TEMPLATE_PRIV=$PID_<your id>$
USER_AUTH=$PID_<your id>$
USER_PRIV=$PID_<your id>$
```
Measurement job templates
Add a job template containing the newly defined password and key (as set for the USER_AUTH and USER_PRIV variables above) for authentication to the monitored devices. From this template, all measurement jobs can be derived, so the password is reused for all measurements.
It is recommended to create a device template containing all SNMP measurement jobs derived from the above job template as well as the SNMP User Setup job template. On every device instance, run the SNMP User Setup job to automatically configure the SNMP user with the new secure password and key. The default admin and template accounts and passwords are deleted from the target systems.
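One way to confirm on a device that the SNMP User Setup job left only skoor-snmp usable, as an added example that is not part of the SKOOR package or documentation. The function names `probe` and `verify_snmp_setup` and the `SNMP_*` environment variables are assumptions made for this example; it expects net-snmp's `snmpget` on the machine running the check.

```shell
#!/bin/sh
# Added example: post-setup check that only skoor-snmp can still authenticate.
# Function names and SNMP_* variable names are illustrative assumptions.

OID_SYSUPTIME=1.3.6.1.2.1.1.3.0   # sysUpTime.0, numeric so no MIB files are needed

# probe USER AUTH_PASS PRIV_PASS HOST -> exit 0 if an authPriv GET succeeds
probe() {
    snmpget -v 3 -u "$1" -l authPriv -a SHA -A "$2" -x AES -X "$3" \
        -t 2 -r 1 "$4" "$OID_SYSUPTIME" >/dev/null 2>&1
}

# verify_snmp_setup HOST
# Reads passphrases from the environment:
#   SNMP_USER_AUTH / SNMP_USER_PRIV          new skoor-snmp credentials
#   SNMP_ADMIN_AUTH / SNMP_ADMIN_PRIV        default admin credentials
#   SNMP_TEMPLATE_AUTH / SNMP_TEMPLATE_PRIV  default template credentials
# Returns 0 = only skoor-snmp answers, 1 = a default credential still works,
#         2 = skoor-snmp itself does not answer (result inconclusive).
verify_snmp_setup() {
    host=$1
    # A failed probe of a default account only proves deletion if the agent is
    # reachable, so confirm the measurement user works first.
    if ! probe skoor-snmp "$SNMP_USER_AUTH" "$SNMP_USER_PRIV" "$host"; then
        echo "$host: skoor-snmp cannot authenticate, check inconclusive" >&2
        return 2
    fi
    rc=0
    if probe skoor-snmp-admin "$SNMP_ADMIN_AUTH" "$SNMP_ADMIN_PRIV" "$host"; then
        echo "$host: skoor-snmp-admin still accepts the default passphrases" >&2
        rc=1
    fi
    if probe skoor-snmp-template "$SNMP_TEMPLATE_AUTH" "$SNMP_TEMPLATE_PRIV" "$host"; then
        echo "$host: skoor-snmp-template still accepts the default passphrases" >&2
        rc=1
    fi
    # The cloned user keeps the template's keys until they are changed, so it
    # must not answer to the template passphrases either.
    if probe skoor-snmp "$SNMP_TEMPLATE_AUTH" "$SNMP_TEMPLATE_PRIV" "$host"; then
        echo "$host: skoor-snmp still uses the template passphrases" >&2
        rc=1
    fi
    return $rc
}
```

Export the six `SNMP_*` variables, then call `verify_snmp_setup <device address>` once per device after the setup job has run.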