The Enterprise File Fabric runs on a hardened version of Linux, so many monitoring platforms will have agents that could be installed to gather metrics and details from the appliances, for example take a look at one of my previous blogposts for monitoring using Telegraf/InfuxDB/Grafana:
But what about monitoring using agentless techniques? Well the most common method for this is using SNMP protocol to have monitoring systems query data from systems. While SNMP isn’t enabled by default, it’s easy enough to get installed.
All the SNMP packages are available from the default package repositories and can be installed like so as the root account on the appliance(s):
yum install net-snmp net-snmp-utils net-snmp-agent-lib snet-snmp-libs
Now all the correct snmp software is deployed on the appliance, but we still need to configure. With SNMP there are a few different versions available: v1, v2c and v3. For this post we’ll use v3, which provides the highest level of security.
We will use the built in net-snmp-create-v3-user to create an account we can use for our monitoring system to gather the metrics we’re looking for.
Enter a SNMPv3 user name to create:
Enter authentication pass-phrase:
Enter encryption pass-phrase:
[press return to reuse the authentication pass-phrase]
adding the following line to /var/lib/net-snmp/snmpd.conf:
createUser smesnmp MD5 "mysecretpassword" DES mysecretpassword
adding the following line to /etc/snmp/snmpd.conf:
Now we can start up the snmpd service and make sure it runs by default:
systemctl enable --now snmpd
The last step will be to allow through the local appliance firewall. Using your favorite editor (vim, nano, etc) edit the file /etc/sysconfig/iptables
We will add the following two lines right before “-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited”
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 162 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
After editing we can restart iptables to let those changes take effect
systemctl restart iptables
Now you’re all set, any system that uses SNMP can now query the File Fabric, pull out metrics like cpu, memory, disk utilization as well as a range of other system metrics.
Latest posts by Eric Toczek (see all)
- How to monitor The Enterprise File Fabric using SNMP - May 12, 2021
- File Fabric Metrics Monitoring and Visualization using Grafana, InfluxDB and Telegraf - December 7, 2020