cancel
Showing results for 
Search instead for 
Did you mean: 

Configuring SNMP Event Monitoring & Testing Alerts

UnboundID KevinL
0 Kudos

Configuring SNMP Event Monitoring in UnboundID

This section will outline how to configure the UnboundID Server to send out SNMP traps and how to setup a basic SNMP trap receiver for testing. The assumption is that you are on a Redhat or similar distribution of Linux.

SNMP OS Level Configuration

  1. You will need to install the following software on a typical Linux system:
    $ yum install net-snmp net-snmp-utils
  2. Once the software is installed you can then modify the configuration files and configure this to be enabled during server reboot. Also all traps will be logged to the /var/log/snmptrap.log for this purpose.

  3. Create the SNMPv3 User
    Make sure snmpd is stopped:
    
    $ service snmpd stop
    $ net-snmp-create-v3-user -A password -a MD5 -x DES snmpagent
    
    The command will output the following information:
    
    adding the following line to /var/lib/net-snmp/snmpd.conf:
    createUser snmpagent MD5 "password" DES
    adding the following line to /etc/snmp/snmpd.conf:
    rwuser snmpagent
  4. Start the SNMP deamon
    $ service snmpd start
  5. Test to ensure that the configuration is working:

    $ snmpwalk -u snmpagent -A password -a MD5 \
    -l authnoPriv localhost -v3
  6. Edit the SNMP configuration files

    Edit the /etc/snmp/snmpd.conf file and make sure the master agentx 
    and trap2sink lines are added: master agentx agentXSocket tcp:localhost:705 udp:161 trap2sink localhost:162 public rwuser snmpagent Edit the /etc/snmp/snmptrapd.conf file and make sure the following
    lines are set authCommunity log,execute,net public logOption f /var/log/snmptrap.log Edit the /etc/init.d/snmpd start file In this file you will need to change the OPTIONS section and update
    it to look as follows ( should all be on one line): OPTIONS="-LS0-6d -Lf /dev/null -p /var/run/snmpd.pid
    --master=agentx --agentXSocket=tcp:localhost:705 udp:161"
  7. Then you can restart the SNMP deamon :
    $ service snmpd restart
  8. Edit the /etc/init.d/snmptrapd file

    Make sure the following line is in place:
    
    # config: /etc/snmp/snmptrapd.conf
  9. Then you can restart the SNMP Trad Deamon:

    $ service snmptrapd restart

UnboundID Product Configuration

The UnboundID Servers are all configured in the same way to allow SNMP traps to be sent out so the following commands will work on any of the UnboundID products. For these instructions we will use the UnboundID Data Store as the reference product we are configuring.

  1. Enable the Data Store’s SNMP plug-in using the dsconfig tool. Make sure to specify the address and port of the SNMP master agent. On each Data Store instance, enable the SNMP subagent. Note that the SNMPv3 context name is limited to 30 bytes maximum. If the default dynamically-constructed instance name is greater than 30 bytes, there will be an error when attempting to enable the plugin.

    $ bin/dsconfig set-plugin-prop --plugin-name "SNMP Subagent" \
    --set enabled:true --set agentx-address:localhost \
    --set agentx-port:705 --set session-timeout:5s \
    --set connect-retry-max-wait:10s
  2. Enable the SNMP Subagent Alert Handler so that the sub-agent will send traps for administrative alerts generated by the server.

    $ bin/dsconfig set-alert-handler-prop \
    --handler-name "SNMP Subagent Alert Handler" --set enabled:true
  3. Install the MIB definitions for the Net-SNMP client tools, usually located in the /usr/share/snmp/mibs directory.

    $ cp resource/mib/* /usr/share/snmp/mibs
  4. You should now see a line in the error log of the data store similar to the following:

    [29/Jul/2014:15:33:37.831 -0500] instanceName="hostname:port" threadID=-1 
    category=PLUGIN severity=NOTICE msgID=1886847020 msg="The SNMP sub-agent
    connected successfully to the master agent at localhost:705. The SNMP
    context name is {hostname:port}"
  5. Now you can do some tests to ensure that you can query the Data Store via SNMP

    $ snmpget -v 3 -u snmpagent -A password -a MD5 -l \
    authnoPriv -n {hostname:port} \
    -m all localhost localDBBackendCount.0
    
    Where {hostname:port} is the SNMP context name that was listed in 
    the log file in step 4 above. Should be the hostname and ldap port
    of the server. UNBOUNDID-LOCAL-DB-BACKEND-MIB::localDBBackendCount.0 = INTEGER: 1
  6. You can use the 'snmp walk' command to get the status of the server.

    $ snmpwalk -v 3 -u snmpagent -A password -a MD5 \
    -l authnoPriv -n {hostname:port} \
    -m all localhost systemStatus
    
    Where {hostname:port} is the SNMP context name that was listed in 
    the log file in step 4 above. Should be the hostname and ldap port
    of the server. UNBOUNDID-SYSTEM-STATUS-MIB::totalConnections.0 = Counter64: 574 UNBOUNDID-SYSTEM-STATUS-MIB::currentNumConnections.0 = INTEGER: 259 UNBOUNDID-SYSTEM-STATUS-MIB::maxWorkQueueSize.0 = Gauge32: 0 UNBOUNDID-SYSTEM-STATUS-MIB::averageWorkQueueSize.0 = STRING: "0" UNBOUNDID-SYSTEM-STATUS-MIB::maxWorkerThreadPercentBusy.0 = Gauge32: 13 UNBOUNDID-SYSTEM-STATUS-MIB::averageWorkerThreadPercentBusy.0 = Gauge32: 0 

Testing Alerts over SNMP

  1. You can test the alerting function of the Data Store now by sending in a test alert using the Task feature in the server.

  2. Create an LDIF file (test-alert.ldif) with the following information:

    dn: ds-task-id=Test Leaving Lockdown Mode Alert,cn=Scheduled Tasks,cn=Tasks
    objectClass: top
    objectClass: ds-task
    objectClass: ds-task-alert
    ds-task-id: Test Leaving Lockdown Mode Alert
    ds-task-class-name: com.unboundid.directory.server.tasks.AlertTask
    ds-task-alert-type: leaving-lockdown-mode
    ds-task-alert-message: Testing SNMP Alerts
  3. Add this entry to the Data Store using ldapmodify:

    $ bin/ldapmodify -p {port} -D "cn=directory manager" \
    -w {password} -a -f /path/to/test-alert.ldif
  4. You should then see something similar in the /var/log/snmptrap.log file

    2016-05-12 12:30:52 localhost [UDP: [127.0.0.1]:57153->[127.0.0.1]]:
    DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (17018) 0:02:50.18 
    SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.
    30221.2.10.3.29 SNMPv2-SMI::enterprises.30221.2.10.4.1 = INTEGER: 0
    SNMPv2-SMI::enterprises.30221.2.10.4.2 = STRING:
    "Server Leaving Lockdown Mode" SNMPv2-SMI::enterprises.30221.2.10.4.3 =
    STRING: "Testing" SNMPv2-SMI::enterprises.30221.2.10.4.4 = STRING:
    "UnboundID Identity Data Store (#####.unboundid.lab:####):
    com.unboundid.directory.server.types.AlertType"
    SNMPv2-SMI::enterprises.30221.2.10.4.5 = INTEGER: 4
    SNMPv2-SMI::enterprises.30221.2.10.4.6 = Hex-STRING: 07 E0 05 0C 0C 1E 34 08 2D FB 00
    SNMPv2-SMI::enterprises.30221.2.10.4.7 = INTEGER: 549
    SNMPv2-SMI::enterprises.30221.2.10.4.8 = STRING: "Server Leaving Lockdown Mode"
    SNMPv2-SMI::enterprises.30221.2.10.4.9 = INTEGER: 6 SNMPv2-
    SMI::enterprises.30221.2.10.4.10 = INTEGER: 71
    SNMPv2- SMI::enterprises.30221.2.10.4.11 = STRING: "Testing SNMP Alerts"