How to monitor The Enterprise File Fabric using SNMP

The Enterprise File Fabric runs on a hardened version of Linux, so many monitoring platforms will have agents that could be installed to gather metrics and details from the appliances, for example take a look at one of my previous blogposts for monitoring using Telegraf/InfuxDB/Grafana:

File Fabric Metrics Monitoring and Visualization using Grafana, InfluxDB and Telegraf

But what about monitoring using agentless  techniques? Well the most common method for this is using SNMP protocol to have monitoring systems query data from systems. While SNMP isn’t enabled by default, it’s easy enough to get installed.

All the SNMP packages are available from the default package repositories and can be installed like so as the root account on the appliance(s):

yum install net-snmp net-snmp-utils  net-snmp-agent-lib snet-snmp-libs

Now all the correct snmp software is deployed on the appliance, but we still need to configure. With SNMP there are a few different versions available: v1, v2c and v3.  For this post we’ll use v3, which provides the highest level of security.

We will use the built in net-snmp-create-v3-user to create an account we can use for our monitoring system to gather the metrics we’re looking for.

 /usr/bin/net-snmp-create-v3-user
Enter a SNMPv3 user name to create:
smesnmp
Enter authentication pass-phrase:

mysecretpassword
Enter encryption pass-phrase:

  [press return to reuse the authentication pass-phrase]
mysecretpassword
adding the following line to /var/lib/net-snmp/snmpd.conf:

   createUser smesnmp MD5 "mysecretpassword" DES mysecretpassword
adding the following line to /etc/snmp/snmpd.conf:
   rwuser smesnmp

Now we can start up the snmpd service and make sure it runs by default:

systemctl enable --now snmpd

The last step will be to allow through the local appliance firewall. Using your favorite editor (vim, nano, etc) edit the file /etc/sysconfig/iptables

We will add the following two lines right before “-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited”

-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 162 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT

After editing we can restart iptables to let those changes take effect

systemctl restart iptables

Now you’re all set, any system that uses SNMP can now query the File Fabric, pull out metrics like cpu, memory, disk utilization as well as a range of other system metrics.

 

*Image by xresch from Pixabay 

Facebooktwitterredditpinterestlinkedinmailby feather
The following two tabs change content below.

Eric Toczek

Director of Sales Engineering at Storage Made Easy
Eric is responsible for technical presales activities at Storage Made Easy.