Sunday, 6 September 2009

Running an SNMP Agent on OS-X Leopard 10.5.x

I have been writing a awk script to parse SNMP data. The data would be collected using snmpbulkwalk, piped through the awk script and the output can be saved to a file or piped through some XML processor.

eg.
snmpbulkwalk -v2c -cpublic -OXf some.ip.address > machine.snmpwalk
snmpbulkwalk -v2c -cpublic -OXf some.ip.address | awk -f script.awk | xmllint --format - > machine.snmpwalk.xml
To test it I wanted an SNMP agent running on OS-X. I found this web page helpful so thought I would document my experience here.

Unix Alert

This post assumes that you understand most of the jargon and Unix commands that come with OS-X. I also use programs from the fink project.

Edit /etc/hostconfig

I used joe (from fink), but you could use nano or any other text editor.
  1. sudo joe /etc/hostconfig
  2. Change SNMPSERVER=-NO- to -YES-
NB: I haven't rebooted yet so I don't know if the SNMP agent starts automatically. For me this is not important since I am only testing and not wanting the actually collect SNMP data.
# This file is going away

AFPSERVER=-NO-
AUTHSERVER=-NO-
AUTOMOUNT=-YES-
NFSLOCKS=-AUTOMATIC-
NISDOMAIN=-NO-
TIMESYNC=-YES-
QTSSERVER=-NO-
WEBSERVER=-NO-
SMBSERVER=-NO-
SNMPSERVER=-YES-

Edit /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

To make the SNMP agent start at boot time I found this post which explains that you need to edit /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist and to change the element following the Disabled key from true to false.
<key>Disabled</key>
<false/>
Creating the SNMP Agent Configuration Files

You could do it manually, but why would you?
sudo /usr/bin/snmpconf -i
Notes
  • It asked me to merge in an existing file in /etc/snmp/snmpd.conf which I did.
  • I only created the snmpd.conf file.
  • I only changed the Access Control Setup (but you could do this manually if you prefer).
  • I later manually edited the file to change the location and contact details.

Here is a shortened log:
fox:pc-snmp2xml phil$ sudo /usr/bin/snmpconf -i

The following installed configuration files were found:

1: /etc/snmp/snmpd.conf

Would you like me to read them in? Their content will be merged with the
output files created by this session.

Valid answer examples: "all", "none","3","1,2,5"

Read in which (default = all):

I can create the following types of configuration files for you.
Select the file type you wish to create:
(you can create more than one as you run this program)

1: snmpd.conf
2: snmptrapd.conf
3: snmp.conf

Other options: quit

Select File: 1

The configuration information which can be put into snmpd.conf is divided
into sections. Select a configuration section for snmpd.conf
that you wish to create:

1: Access Control Setup
2: Extending the Agent
3: Monitor Various Aspects of the Running Host
4: Agent Operating Mode
5: System Information Setup
6: Trap Destinations

Other options: finished

Select section: 1

Section: Access Control Setup
Description:
This section defines who is allowed to talk to your running
snmp agent.

Select from:

1: a SNMPv3 read-write user
2: a SNMPv3 read-only user
3: a SNMPv1/SNMPv2c read-only access community name
4: a SNMPv1/SNMPv2c read-write access community name

Other options: finished, list

Select section: 3

Configuring: rocommunity
Description:
a SNMPv1/SNMPv2c read-only access community name
arguments: community [default|hostname|network/bits] [oid]

The community name to add read-only access for: public
The hostname or network address to accept this community name from [RETURN for all]:
The OID that this community should be restricted to [RETURN for no-restriction]:

Finished Output: rocommunity public

Section: Access Control Setup
Description:
This section defines who is allowed to talk to your running
snmp agent.

Select from:

1: a SNMPv3 read-write user
2: a SNMPv3 read-only user
3: a SNMPv1/SNMPv2c read-only access community name
4: a SNMPv1/SNMPv2c read-write access community name

Other options: finished, list

Select section: finished

The configuration information which can be put into snmpd.conf is divided
into sections. Select a configuration section for snmpd.conf
that you wish to create:

1: Access Control Setup
2: Extending the Agent
3: Monitor Various Aspects of the Running Host
4: Agent Operating Mode
5: System Information Setup
6: Trap Destinations

Other options: finished

Select section: finished

I can create the following types of configuration files for you.
Select the file type you wish to create:
(you can create more than one as you run this program)

1: snmpd.conf
2: snmptrapd.conf
3: snmp.conf

Other options: quit

Select File: quit


The following files were created:

snmpd.conf installed in /usr/share/snmp
Manually Editing the SNMP Agent Configuration File

I used joe (from fink), but you could use nano or any other text editor.
sudo joe /usr/share/snmp/snmpd.conf
Starting the SNMP Agent

Note: This is also required to start the agent after a reboot.
sudo /usr/sbin/snmpd
Testing the SNMP Agent
snmpbulkwalk -v2c -cpublic 127.0.0.1
You should see something like this:
SNMPv2-MIB::sysDescr.0 = STRING: Darwin fox.local 9.8.0 Darwin Kernel Version 9.8.0: Wed Jul 15 16:55:01 PDT 2009; root:xnu-1228.15.4~1/RELEASE_I386 i386
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.255
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (173086) 0:28:50.86
SNMPv2-MIB::sysContact.0 = STRING: bill
SNMPv2-MIB::sysName.0 = STRING: fox.local
SNMPv2-MIB::sysLocation.0 = STRING: Redmond

SNMP to XML

In a later post, I will publish my SNMP to XML script.

UPDATE: Instead of doing this, I started an Open Source project which can be found here.