Monitor Your switches - SNMP setting

rss

Posted by SwitchBackup Team - středa 6. ledna 2016 13:33:53

A. Install some server software to collect SNMP traps and collect and monitor events. If you have no one installed in your network yet, install some of free - for example Zenoss Core (linux, available also Virtual Appliance, look at Zenoss.org) or Mikrotik Dude (Windows, look at Mikrotik.com).

B. Investigate or create Your own community name (string for identification) - we use "My-SNMP-Community-String" in examples

C. Configure Your network devices to send traps (notification about events) to Your server. There are many SNMP protocol versions, remember version 1 and 2c use plain text athentification, version 3 cipher datata in packet. Cipher access data is nice, but this process loads CPU of the device. So best practices is to use version 2c due to low CPU load, to allow read-only access, do not use default community strings (public, private) and to use reserved management and monitoring VLAN due to security and broadcast limitations.

Cisco switch configuration example:
We are using vendor predefined classification of the events:

1 — Critical. The condition affects service.
2 — Major. Immediate action is needed.
3 — Minor. Minor warning conditions.
4 — Informational. No action is required. This is the default.

 


configure terminal
snmp-server community My-SNMP-Community-String RO
snmp-server host 192.168.1.2 version 2c My-SNMP-Community-String
snmp-server enable traps alarms 2
end

HP switch configuration example:
We are using vendor predefined classification of the events:

none - send no log messages
debug - send debug traps (for Internal use)
all - send all log messages
not-info - send all but informational-only messages
critical - send critical-level log message
informs - specify if informs will be sent, rather than notifications

configure
snmpserver host 192.168.1.2 My-SNMP-Community-String not-info
snmpserver community My-SNMP-Community-String operator restricted
snmpserver enable
end

3Com or Huawei switch configuration example:
Caution: Comware switches has usually SNMPv3 enabled in default setting


snmp-agent trap enable
snmp-agent targethost trap address udp-domain 192.168.1.2 udp-port 161 params securityname My-SNMP-Community-String
snmp-agent community read My-SNMP-Community-String
snmp-agent sys-info version v1 v2c
undo snmp-agent sys-info version v3
snmp-agent

 

Related threads