With Net-SNMP we can create a variety of monitoring and alerting.
The scenario in this example is the monitoring of the mail queue on unix servers and alarming us if the value of the messages found waiting in the queue is greater than 100 (openNMS variable)
Step 1 – We create the desired script. The script on this example was saved to /usr/local/bin/mailqueue
#!/bin/bash mailq | tail -n 1 | awk '{if (NF > 4) {print $5} else {print 0}}' |
Step 2 – Add this script on /etc/snmp/snmpd.conf
extend Mailq /usr/local/bin/mailqueue |
Step 3 – Restart snmpd
Step 4 – Configure discovery on openNMS. This is done through /etc/opennms/capsd-configuration.xml.
<protocol-plugin protocol= "Mailq" class -name= "org.opennms.netmgt.capsd.plugins.SnmpPlugin" scan= "on" user-defined= "false" > <property key= "vbname" value= ".1.3.6.1.4.1.8072.1.3.2.4.1.2.5.77.97.105.108.113.1" /> <property key= "timeout" value= "2000" /> <property key= "retry" value= "1" /> </protocol-plugin> |
Step 5 – Configure service & polling on openNMS. This is done through /etc/opennms/poller-configuration.xml.
<service name= "Mailq" interval= "300000" user-defined= "false" status= "on" > <parameter key= "retry" value= "1" /> <parameter key= "timeout" value= "3000" /> <parameter key= "port" value= "161" /> <parameter key= "oid" value= ".1.3.6.1.4.1.8072.1.3.2.4.1.2.5.77.97.105.108.113.1" /> <parameter key= "operator" value= "<" /> <parameter key= "operand" value= "100" /> </service> |
Explaining the poller-configuration.xml for a Net-SNMP service:
a) We define port 161 which means that we will be using SNMP to get this value. The downside of this is that if SNMP stops on a monitored device, we will get alarm for both SNMP and the created service.
b) We define the oid that will be checked. This can be found by testing the host with snmpwalk
c) We define operator which actually sets the greater than ( > ), lower than ( < ), equals ( = ). It can also contain regexp. As this is an xml, the symbols > & < must be declared as: < or >
d) We define operand which actually is the number on which we are comparing the SNMP result we receive. In our case, we want the poller to mark the service as DOWN when value (mails on queue) is larger (<) than 100.
In addition at the end of the file add the class-name of the monitored service.
<monitor service= "Mailq" class -name= "org.opennms.netmgt.poller.monitors.SnmpMonitor" /> |
Step 6 – Restart openNMS
# service opennms restart |
Step 7 – Now we need to configure openNMS to search for this service on both manually provisioned requisitions as well as the auto discovery module.
This is done through openNMS GUI.
- Login as Admin and navigate to Admin.
- Under Node Provisioning, select Manage Provisioning Requisitions
- On the Default Foreign Source Definition click on Edit Default Foreign Source Definition
There you should add a Detector for the new service with class: org.opennms.netmgt.provision.detector.snmp.SnmpDetector and add the oid used as a key.
Same procedure should be followed for already provisioned nodes which can be found on Manage Provisioning Requisitions / swissns / Foreign Source Definition and edit.
After clicking on Done everything is configured. You can now either wait for up to 24 hours for the polling to take place or Scan a specific host in order to get immediate results.