This article applies to PRTG Network Monitor 19 or later

Checklist: Setting up SNMP on Linux

Every so often, monitoring devices via SNMP causes issues. We collect the most common problems with SNMP in the article SNMP and PRTG: Basic Troubleshooting. On Linux systems, some additional points have to be considered. This article sums up the basic steps to set up SNMP on Debian-based systems for monitoring with PRTG. However, specific problems often require deeper analysis. If you have followed the checklist below and monitoring still does not work, do not hesitate to contact our support!

Good resources for information about SNMP on Linux systems are the articles on Sijoe Web's: SNMP Server (snmpd) and Client (snmp) Installation and Configuration in Debian and on ubuntuusers Wiki: SNMP (only in German). Refer to these pages if you need more details on this topic.

Note: This article applies to Debian-based systems. For other Linux distributions like RedHat, CentOS, and Suse, you will have to adapt the following steps a bit. For details, see archive.org: SNMP installation and configuration.

1. Set up SNMP

First, you need an SNMP server on your Linux machine. Install the packet snmpd to query network components, and the packet snmp to request values (for example walk or get). Use the following commands:sudo apt-get install snmpdsudo apt-get install snmpAfter having installed these packets, you must follow the configuration steps below.

Basic configuration: SNMP v1 and v2

The configuration file snmpd.conf is located in the /etc/snmp directory. Please make a backup of the original file before editing it.

You have to set up the SNMP server in order to allow read access from other machines. Open the configuration file with an editor. # sec.name source community com2sec paranoid default public Change the entry paranoid to readonly or readwrite. You can define sources as you want (for example 127.0.0.1 to only allow access from the local machine), and you can modify the community string as well. Save the changes to the configuration and restart the SNMP daemon: sudo service snmpd restart 

Basic configuration: SNMP v3

If you want to use SNMP v3, you need the packet openssl in addition. Stop the SNMP daemon and create an SNMP v3 user: sudo service snmpd stop 

 sudo net-snmp-config --create-snmpv3-user -ro -X DES -A MD5 -a "SNMP_PWD" -x "SNMP_PWD" username 

After that, force encryption in the file /usr/share/snmp/snmpd.conf by adding AuthPriv:rouser username AuthPriv

Furthermore, delete the file /etc/snmp/snmpd.conf, and create a new one with the following content:

group groupv3 usm username view all included .iso 80

Note: Ubuntu 18.04 implements stronger security mechanisms, so you have to provide a wider path in /etc/snmp/snmpd.conf: view systemonly included .1.3.6.1

# context sec.model sec.level match read write notif access groupv3 "" any auth exact all all all syslocation Unknown syscontact Root <root@localhost> 

Then start the daemon again:sudo service snmpd start

2. Set up access

By default, only requests on localhost are allowed. In order to allow access for other IPs on the monitored computer, modify the start options in the file /etc/default/snmpd. There you will find the following line: SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1' You have two options now:

• In order to allow requests for all network interfaces, delete 127.0.0.1 from the line.
• To allow requests only for specific devices, add the corresponding IPs after 127.0.0.1, separated by spaces. Then restart snmpd. You can also allow access only for specific computers by modifying /etc/snmp/snmpd.conf accordingly. Just specify the sources there with the IP addresses that should get access.

# com2sec paranoid default public# com2sec readonly default public com2sec readonly xxx.xxx.xxx.xxx/32 public com2sec readonly yyy.yyy.yyy.yyy/32 public 

Note: If you have a firewall, you need to open the UDP port 161 to get access from other computers. For example, use the following commands to open access:

iptables -A OUTPUT -p udp -m udp --sport 161 -j ACCEPT iptables -A ufw-user-input -p udp -m udp --dport 161 -j ACCEPT

3. Test the configuration with an SNMP walk

You can test your configuration with an SNMP walk. A walk shows you lists of return values requested from a specific device. Use the following command to show a list of available data on your Linux machine:snmpwalk –v1 –c public localhostWith the following command, a list of memory values on a specific device (indicated with <IP>) is returned:snmpwalk v1 –c –private <IP> memory

Note: Do not only use 127.0.0.1 for testing, but also external IPs.

4. Test the configuration with the SNMP Tester

Use the SNMP Tester to run test queries against your Linux device. This tool enables you to debug SNMP activities in order to find problems in your SNMP configuration. For more information, the download, and the manual, please refer to Paessler SNMP Tester.

5. Create sensors in PRTG

PRTG already provides several SNMP sensors for Linux monitoring out of the box. You can natively monitor for example free disk space, load average, memory usage, and I/O on physical disks via SNMP.

Of course, you can also use the SNMP Library sensor to adjust monitoring to your needs. PRTG already includes a basic Linux OID library (ucd-snmp-mib).

1. Create a device for the Linux machine you want to monitor (enter this computer's IP address or DNS name)
2. On this device, create an SNMP Library sensor or one of the natively available ones.
   1. For the SNMP Library sensor: From the appearing list, select the basic linux library (ucd-snmp-mib).oidlib file.
   2. In the next step, you will see a list of library OIDs that indicate the available sensors. Select the sensors you want to monitor by marking the corresponding checkboxes.
3. Click Continue.

PRTG will start to monitor your Linux device immediately.

See also

• Monitoring processes in Linux
• How to enable SNMP on your operating system 

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.