[CentOS] SNMP and OID/MIB/MRTG

Filipe Brandenburger filbranden at gmail.com
Fri Sep 12 02:23:21 UTC 2008


Hi,

On Thu, Sep 11, 2008 at 21:46, Bob Hoffman <bob at bobhoffman.com> wrote:
> Question 1- does snmpd have to run as a daemon, or only run once so I can
> get OID and MIBs from it?

Yes, it has to be running as a daemon.

> Question 2- does anyone know the command in snmp to get the required OID and
> MIBs that MRTG needs to use? Or at least the name of it? There are a lot of
> poorly written man pages, but so far all of them require an MIB or OID to
> use the commands I have read.

Well, the OIDs that you will use on MRTG's config will depend on what
you want MRTG to trace. Is it the network traffic? Is it the disk
usage? Is it the CPU usage? Free memory? You can get MRTG to trace any
of that by using the specific OIDs. You can use the "snmpwalk" program
to see all the information that the daemon will have to offer in order
to choose what you want to plot.

> Question 3- since not going outside of the server, is there any security
> setting in some snmp config file that makes it only look on my local server
> and not allow others to use it or hack it?

Yes, you can restrict snmpd to answer only to the localhost. I suggest
you start with a /etc/snmp/snmpd.conf that contains this line only:

rocommunity MySecretString 127.0.0.1

Replace "MySecretString" with a secret string not known to others,
this string is what is called "community" in snmp-speak. This way,
snmpd will answer only to queries made from the localhost, and only to
someone who knows the right "community" secret string (like a
password).

> Question 4- all over the internet there are examples in MRTG using all sorts
> of made up names like 'crazyguy33 at servername' and things like that for the
> cfg file. And alsoin the snmp forum posts, but no one really talks about
> where this name comes from other than it is assigned to your network device
> or something.

This is probably the community and the host. As I suggested
restricting to localhost only, you will probably want to use something
like "MySecretString at localhost", obviously replacing "MySecretString"
with the one you chose.

The CentOS Wiki also has resources on MRTG, I suggest you look there as well:
http://wiki.centos.org/TipsAndTricks/MRTG

HTH!
Filipe


More information about the CentOS mailing list