Difference between revisions of "SNMP Agent Setup"

Latest revision as of 05:19, 2 January 2024

Quanastor SNMP Agent

The QuantaStor SNMP agent provides the ability to collect SNMP traps and to browse the objects within a QuantaStor grid via SNMP GET operations. Note that the SNMP agent has no SNMP SET operations and does not allow one to change the configuration of a QuantaStor System or grid via SNMP. To make automated configuration changes please see the REST APIs in the QuantaStor Developer Guide.

SNMP MIB

The full down load can be found at SNMP MIB for QuantaStor. The latest version for any given release can be found by running qs-util snmpmib after logging into an system via SSH.

SNMP Agent Configuration For Quantastor Version 6.1 and greater

SNMP Agent can now be configured in a few click from the Alert Manager in the Quantastor Web UI. In the SNMP tab check "Enable SNMP". Choose a SNMP user name and password. These credentials will be used by the SNMP Agent to communicate with the Quantastor Service. After clicking OK, SNMP Agent will be configured on the Quantastor Systems in the grid.

To change the SNMP user password, open the Alert Manager and select the "SNMP" tab. Enter the new password and click OK. SNMP Agent will be reconfigured with the new password. To disable the SNMP agent, simply uncheck the option "Enable SNMP".

SNMP Agent Configuration For Quantastor Version older than 6.1

For SNMP setup steps on Quantastor Versions older than 6.1 please visit the SNMP Agent page SNMP Agent Legacy steps

Testing the SNMP Agent

Now that you have the SNMP agent enabled with an account associated with it, it's time to test it to make sure it is working. To do this, use the qs-util commands for doing an SNMP walk, for example:

qs-util snmpwalkvolumes snmpuser snmppass
qs-util snmpwalkalerts snmpuser snmppass
qs-util snmpwalkall snmpuser snmppass

Alternatively you can run a snmpwalk like so:

snmpwalk -v 3 -u snmpuser -a MD5 -A snmppass -x DES -X "snmppass" -l authPriv localhost QUANTASTOR-SYS-STATS::storageVolume

Be sure to replace snmpuser and snmppass with the user account you setup. If you're not able to get any data from the snmpwalk commands, try running a simple qs command to verify that the credentials are correct for the account like so:

qs alert-list server=localhost,snmpuser,snmppass

If that doesn't work then either the quantastor service is not running (service quantastor start) or the user account username or password isn't correct.

Configuring SNMP Agent Trap Settings

The alerts within QuantaStor have a severity of error, warning or informational and via the /etc/qs_snmptrapd.conf configuration file you can turn off these categories of alerts to fit your needs. In general you should never ignore error messages but it may be handy to disable informational alerts in some cases. Here's the default contents of the /etc/qs_snmptrapd.conf file. Note that if you delete it, the SNMP agent will automatically re-create it for you with the defaults:

poll-interval=120
ignore-error-alerts=false
ignore-warn-alerts=false
ignore-info-alerts=false

If you make any changes to this file, be sure to restart the agent like so.

qs-util snmprestart

Testing SNMP Trap Settings

By default the SNMP agent only pushes out traps every 120 seconds so you will have to wait awhile for the trap to be generated after you raise a test alert. QuantaStor only raises traps for Alert objects, so anything that you see in the Alert status bar in the web interface or see in 'qs alert-list' will be sent out as traps. Traps are only sent a single time and the agent keeps track of what alerts have been sent by writing the alert UUIDs to '/var/log/qs_snmpraisedtraps.dat'. If you delete that file then all the alerts will be raised again after the agent restarts. To generate a test alert which will be converted into an SNMP trap use this command:

qs alert-raise --title="Test" --message="snmp test message" --alert-severity=warning --server=localhost,admin,password

After you create the test alert you can then look in the log to see if it has been raised:

qs-showlog -snmp

An easier way to do that is to leave the log open with a 'tail -f /var/log/qs/qs_snmpagent.log' then hit Ctrl-C to stop monitoring the log once you see the trap generated. By default the /etc/snmp/snmpd.conf file is configure to only raise traps to the local host. To raise traps outside of the local host you'll need to add additional lines to the snmpd.conf file like this:

trap2sink 127.0.0.1 public
trap2sink 192.168.10.123 public
trap2sink 10.10.50.134 public

@@ Line 1: / Line 1: @@
-== SNMP Agent Configuration ==
+[[Category:integration_guide]]
-The QuantaStor SNMP agent provides the ability to collect SNMP traps and to browse the objects within a QuantaStor grid via SNMP GET operations.  Note that the SNMP agent has no SNMP SET operations and does not allow one to change the configuration of a QuantaStor appliance or grid via SNMP.  To make automated configuration changes please see the REST APIs in the [[QuantaStor_Developers_Guide|QuantaStor Developer Guide]].
+== Quanastor SNMP Agent ==
+The QuantaStor SNMP agent provides the ability to collect SNMP traps and to browse the objects within a QuantaStor grid via SNMP GET operations.  Note that the SNMP agent has no SNMP SET operations and does not allow one to change the configuration of a QuantaStor System or grid via SNMP.  To make automated configuration changes please see the REST APIs in the [[QuantaStor_Developers_Guide|QuantaStor Developer Guide]].
 === SNMP MIB ===
-The full [https://s3.amazonaws.com/qstor-downloads/mibs/QUANTASTOR-SYS-STATS.mib SNMP MIB for QuantaStor] can be found [https://s3.amazonaws.com/qstor-downloads/mibs/QUANTASTOR-SYS-STATS.mib here] but the latest version for any given release can be found by running '''qs-util snmpmib''' after logging into an appliance via SSH.
+The full down load can be found at [https://s3.amazonaws.com/qstor-downloads/mibs/QUANTASTOR-SYS-STATS.mib SNMP MIB for QuantaStor]. The latest version for any given release can be found by running '''qs-util snmpmib''' after logging into an system via SSH.
-=== qs-util SNMP Utility Commands ===
+== SNMP Agent Configuration For Quantastor Version 6.1 and greater ==
-The qs-util command line utility has a number of helper commands to make enabling SNMP and verifying the configuration easier.  Here's a list of those commands, you can also run 'qs-util' at the console to see a full list of these commands.  Note that you must run many of these commands as root so be sure to do a 'sudo -i' before running them.
+SNMP Agent can now be configured in a few click from the Alert Manager in the Quantastor Web UI.
+In the SNMP tab check "Enable SNMP". Choose a SNMP user name and password. These credentials will be used by the SNMP Agent to communicate with the Quantastor Service. After clicking OK, SNMP Agent will be configured on the Quantastor Systems in the grid.
-<pre>
+To change the SNMP user password, open the Alert Manager and select the "SNMP" tab. Enter the new password and click OK. SNMP Agent will be reconfigured with the new password.
-  SNMP Commands
+To disable the SNMP agent, simply uncheck the option "Enable SNMP".
-    qs-util snmpenable               : Configures the SNMP agent to startup automatically at system startup.
-    qs-util snmpdisable              : Configures the SNMP agent to not start automatically at system startup (default).
-    qs-util snmpactivate             : Turns on the SNMP agent
-    qs-util snmprestart              : Restarts the SNMP service and agent
-    qs-util snmpwalkall              : Walks the entire SNMP mib
-    qs-util snmpwalkvolumes          : Walks the volumes via the SNMP mib
-    qs-util snmpwalkalerts           : Walks the alerts via the SNMP mib
-    qs-util snmpmib                  : Displays the contents of the SNMP mib
-</pre>
-=== Enabling the SNMP Agent ===
+== SNMP Agent Configuration For Quantastor Version older than 6.1 ==
-By default the QuantaStor SNMP agent is turned off but you can enable it at the console with a couple of commands:
-<pre>
+For SNMP setup steps on Quantastor Versions older than 6.1 please visit the SNMP Agent page [[SNMP_Agent_Legacy|SNMP Agent Legacy steps]]
-sudo qs-util snmpenable
-sudo qs-util snmpactivate
-</pre>
-The snmpenable command sets up the appliance so that the SNMP agent will start automatically when the appliance boots up.  The snmpactivate command will startup the snmpd and qs_snmpagent services.  You must also install the snmp package which contains the snmpwalk and snmpget utilities you can use for testing the agent.
-<pre>
-sudo apt-get install snmp
-</pre>
-=== Configuring the SNMP Agent user account ===
-You must edit the /etc/snmp/snmpd.conf configuration file to contain the plain text username and password for the account that will be used for communication between the SNMP agent and the QuantaStor core services.  We recommend creating a 'snmpuser' account with the 'System Monitor' role so that even if someone gets the plain text password for the SNMP agent they still cannot make configuration changes to the appliance.
-If you are not logged into the web management interface you can create a new management user account at the command line like so:
-<pre>
-qs user-add snmpuser snmppass "System Monitor" server=localhost,admin,password
-</pre>
-In the /etc/snmp/snmpd.conf file you will see lines in there that look like this:
-<pre>
-createUser snmpuser MD5 snmppass DES
-group nmsGroup usm snmpuser
-</pre>
-Edit 'nano /etc/snmp/snmpd.conf' those to match the new user account username and password you gave in the previous step. For example, replace 'snmpuser' with the username of the account you created via the QuantaStor manager web interface, and replace 'snmppass' with the password you gave to that account.   When the SNMP agent starts up, it will use the credentials for the first createUser entry in the snmpd.conf file for all communication with the QuantaStor service.  So even if you have multiple createUser entries in the snmpd.conf file like "admin" but the first createUser entry is "snmpuser" then "snmpuser" credentials are used for all the SNMP agent to qs_service communication.
-Now it is time to restart the SNMP daemon and agent like so:
-<pre>
-sudo qs-util snmprestart
-</pre>
-=== Testing the SNMP Agent ===
+== Testing the SNMP Agent ==
-Now that you have the SNMP agent enabled with an account associated with it, now it's time to test it to make sure it is working.  To do this, use the qs-util commands for doing an SNMP walk, for example:
+Now that you have the SNMP agent enabled with an account associated with it, it's time to test it to make sure it is working.  To do this, use the qs-util commands for doing an SNMP walk, for example:
-<pre>
+<pre>qs-util snmpwalkvolumes snmpuser snmppass
-qs-util snmpwalkvolumes snmpuser snmppass
 qs-util snmpwalkalerts snmpuser snmppass
-qs-util snmpwalkall snmpuser snmppass
+qs-util snmpwalkall snmpuser snmppass</pre>
-</pre>
 Alternatively you can run a snmpwalk like so:
-<pre>
+<pre>snmpwalk -v 3 -u snmpuser -a MD5 -A snmppass -x DES -X "snmppass" -l authPriv localhost QUANTASTOR-SYS-STATS::storageVolume</pre>
-snmpwalk -v 3 -u snmpuser -a MD5 -A snmppass -x DES -X "snmppass" -l authPriv localhost QUANTASTOR-SYS-STATS::storageVolume
-</pre>
+Be sure to replace snmpuser and snmppass with the user account you setup.  If you're not able to get any data from the snmpwalk commands, try running a simple qs command to verify that the credentials are correct for the account like so:
+<pre>qs alert-list server=localhost,snmpuser,snmppass</pre>
-Be sure to replace snmpuser and snmppass with the user account you setup and specified in the /etc/snmp/snmpd.conf configuration file.  If you're not able to get any data from the snmpwalk commands, try running a simple qs command to verify that the credentials are correct for the account like so:
-<pre>
-qs alert-list server=localhost,snmpuser,snmppass
-</pre>
 If that doesn't work then either the quantastor service is not running (service quantastor start) or the user account username or password isn't correct.
-=== Configuring SNMP Agent Trap Settings ===
+== Configuring SNMP Agent Trap Settings ==
-The alerts within QuantaStor have a severity of error, warning or informational and via the /etc/qs_snmptrapd.conf configuration file you can turn off these categories of alerts to fit your needs.  In general you should not ever ignore error messages but it may be handy to disable informational alerts in some cases.  Here's the default contents of the /etc/qs_snmptrapd.conf file.  Note that if you delete it, the SNMP agent will automatically re-create it for you with the defaults:
+The alerts within QuantaStor have a severity of error, warning or informational and via the /etc/qs_snmptrapd.conf configuration file you can turn off these categories of alerts to fit your needs.  In general you should never ignore error messages but it may be handy to disable informational alerts in some cases.  Here's the default contents of the /etc/qs_snmptrapd.conf file.  Note that if you delete it, the SNMP agent will automatically re-create it for you with the defaults:
 <pre>
@@ Line 92: / Line 47: @@
 If you make any changes to this file, be sure to restart the agent like so.
-<pre>
-service snmpagent restart
-</pre>
-Or you can restart both the agent and SNMP service like so:
 <pre>
 qs-util snmprestart
 </pre>
-=== Testing SNMP Trap Settings ===
+== Testing SNMP Trap Settings ==
 By default the SNMP agent only pushes out traps every 120 seconds so you will have to wait awhile for the trap to be generated after you raise a test alert. QuantaStor only raises traps for Alert objects, so anything that you see in the Alert status bar in the web interface or see in 'qs alert-list' will be sent out as traps.  Traps are only sent a single time and the agent keeps track of what alerts have been sent by writing the alert UUIDs to '/var/log/qs_snmpraisedtraps.dat'.  If you delete that file then all the alerts will be raised again after the agent restarts.  To generate a test alert which will be converted into an SNMP trap use this command:
@@ Line 113: / Line 64: @@
 </pre>
-An easier way to do that is to leave the log open with a 'tail -f /var/log/qs_snmpagent.log' then hit Ctrl-C to stop monitoring the log once you see the trap generated.  By default the /etc/snmp/snmpd.conf file is configure to only raise traps to the local host.  To raise traps outside of the local host you'll need to add additional lines to the snmpd.conf file like this:
+An easier way to do that is to leave the log open with a 'tail -f /var/log/qs/qs_snmpagent.log' then hit Ctrl-C to stop monitoring the log once you see the trap generated.  By default the /etc/snmp/snmpd.conf file is configure to only raise traps to the local host.  To raise traps outside of the local host you'll need to add additional lines to the snmpd.conf file like this:
 <pre>
@@ Line 119: / Line 70: @@
 trap2sink 192.168.10.123 public
 trap2sink 10.10.50.134 public
-</pre>
-You can also monitor traps using the snmptrapd utility like so:
-<pre>
-snmptrapd -P -F "%02.2h:%02.2j TRAP%w.%q from %A %v %W\n"
 </pre>

Difference between revisions of "SNMP Agent Setup"

Latest revision as of 05:19, 2 January 2024

Contents

Quanastor SNMP Agent

SNMP MIB

SNMP Agent Configuration For Quantastor Version 6.1 and greater

SNMP Agent Configuration For Quantastor Version older than 6.1

Testing the SNMP Agent

Configuring SNMP Agent Trap Settings

Testing SNMP Trap Settings

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Solution Design Guide

Installation Guide

Getting Started

Administrator Guide

User Guide

Developer (REST API) Guide

Command Line Interface (CLI) Guide

Integration Guide

Web Management (WUI) Guide

Support Guide

IBM Cloud Deployment Guide

Links

Tools