Trying to set up SNMP v3 checks with SHA256 authentication, but seems like its not currently supported.
OS is CentOS 7, Net-SNMP package is version 5.7.
From reading Net-SNMP docs it seems like SHA256 support was added starting with version 5.8.
So the question is if upgrading Net-SNMP package 5.8 and above is supported by NagiosXI, and what else might be required to be able to use better auth protocols then SHA1.
SHA256 auth protocol support for SNMP checks
Re: SHA256 auth protocol support for SNMP checks
I wouldn't recommend upgrading net-snmp on EL7 as it may impact php-snmp and other things that were compiled against it.
You could migrate to an EL8 system where net-snmp is 5.8 installed by default.
What XI version is the system currently running?
NOTE: I labbed this up with net-snmp 5.8 and the wizards/plugins seemed to work with SHA256 if you just select SHA.
You could migrate to an EL8 system where net-snmp is 5.8 installed by default.
What XI version is the system currently running?
NOTE: I labbed this up with net-snmp 5.8 and the wizards/plugins seemed to work with SHA256 if you just select SHA.
Re: SHA256 auth protocol support for SNMP checks
thanks. nagiosxi is at 5.8.3.
I got some custom scripts/checks so just wizard wont do it, but ultimately they rely on snmpget from Net-SNMP.
any suggestions what to look at during testing to make sure all components that depend on net-snmp are working correctly if i was to go down the route of installing net-snmp 5.8 on EL7?
I got some custom scripts/checks so just wizard wont do it, but ultimately they rely on snmpget from Net-SNMP.
any suggestions what to look at during testing to make sure all components that depend on net-snmp are working correctly if i was to go down the route of installing net-snmp 5.8 on EL7?
Re: SHA256 auth protocol support for SNMP checks
You would need to test the existing wizards/snmp plugins to determine if it will have any impact, we do not currently test against that setup as it is outside of what the vendor has in the repositories and you'll likely need to compile from source. My only concern is impacting your system when doing upgrades/etc, it will likely get replaced with the lower version on upgrades as well.
Re: SHA256 auth protocol support for SNMP checks
makes sense. thanks @ssax. i think we will go with OS upgrade.
as a side note (let me know i need to create new topic for this):
is nagiosXI compatible and/or recommended to be run inside the container instead a old fashioned install on a VM and is it an officially supported solution? if so, is there image or/and documentation for it?
Thanks.
as a side note (let me know i need to create new topic for this):
is nagiosXI compatible and/or recommended to be run inside the container instead a old fashioned install on a VM and is it an officially supported solution? if so, is there image or/and documentation for it?
Thanks.
Re: SHA256 auth protocol support for SNMP checks
We don't currently test with it as a container or offer containers currently so while it might work it's not officially supported.