Configure SNMP on the INSIGHT Appliance

Avatar
Joshua Mbeng
Follow


Purpose: Enable and configure SNMP monitoring on the INSIGHT Appliance so external monitoring tools (e.g., SolarWinds, Nagios, etc.) can collect system metrics.

INSIGHT Appliances do support SNMP, however it is beyond the scope of INSIGHT support to configure your SNMP settings

The example configuration file shown below demonstrates a typical SNMP setup that enables read-only access from an authorized monitoring server. Your organization may need to adjust the file (community strings, IP restrictions, etc.) to match your environment and security policies.

 

1. SSH to the Appliance Host as protect user (or as appuser and issue the "bash" command from INSCLI to drop in as protect)

OR

For Enforce/Detection server (VM): Login as appuser 

 

2. Backup the snmpd.conf file:


sudo cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak

 

3. Edit the snmpd.conf file with sudoedit. Enter your SNMP configuration settings as needed:

Note: It is beyond the scope of INSIGHT support to configure your SNMP settings.

 

sudoedit /etc/snmp/snmpd.conf

 

=======EXAMPLE snmpd.conf======

Important Tip: Be ABSOLUTELY SURE that you choose a unique community string and replace the community strings in the below examples. Keep each secret, and keep each safe.

 

# Map 'idv90we3rnov90werABCD' community to the 'ConfigUser'
# Map '209ijvfwer0df92jdABCD' community to the 'AllUser'
# sec.name source community
com2sec ConfigUser default idv90we3rnov90werABCD
com2sec AllUser default 209ijvfwer0df92jdABCD
# Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
# Map 'AllUser' to 'AllGroup' for SNMP Version 2c
# sec.model sec.name
group ConfigGroup v2c ConfigUser
group AllGroup v2c AllUser
# Define 'SystemView', which includes everything under .1.3.6.1.2.1.1 (or .1.3.6.1.2.1.25.1)
# Define 'AllView', which includes everything under .1
# incl/excl subtree
view SystemView included .1.3.6.1.2.1.1
view SystemView included .1.3.6.1.2.1.25.1.1
view AllView included .1
# Give 'ConfigGroup' read access to objects in the view 'SystemView'
# Give 'AllGroup' read access to objects in the view 'AllView'
# context model level prefix read write notify
access ConfigGroup "" any noauth exact SystemView none none
access AllGroup "" any noauth exact AllView none none

rocommunity mysnmp1 10.1.40.113
rwcommunity mysnmp1 10.1.40.113
Trapsink 10.1.40.113

 

=============

 

 

4. Enable then Restart SNMP service

 

sudo systemctl enable snmpd

sudo systemctl restart snmpd

sudo systemctl status snmpd

 

The changes you enabled should now be configured.

 

5. Test locally


snmpwalk -v2c -c public localhost system (may need to adjust as needed depending on configuration)

If it returns data (like sysDescr, sysUpTime, etc.), SNMP is working.
 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.