SNMP Monitoring on Windows

[emartine]

Does Nagios store unidentified trap messages somewhere?

[scottwilkerson]

Are you sending traps from the device as well? I thought this thread was about active monitoring with check_snmp

[scottwilkerson]

Here is our guide on SNMP Traps if you have Enterprise edition
https://assets.nagios.com/downloads/nag ... h-NXTI.pdf

[emartine]

Thank you for your patience Scott. This is a system we acquired and I'm trying any which way I can to try and monitor these application interfaces. At the tend of this month the vendor that manages the monitoring for this system is going away so I have to try and get some application level monitoring in place. I am meeting with them on Friday to discuss more options if I am unable to get it working. I have been able get access to the server and I was able to install a client on the host. I changed most of the SNMP checks for the system to active checks and at this point I am working on application monitoring which the vendor has told me was being monitored via SNMP. SNMP is configured on the windows host which is what I originally started with and for system services like cpu, memory and disk.... that was not a problem but for application interfaces I am stuck... so regarding active SNMP checks, yes, it started that way. So since I can't identfy proper checks (actively) one way I am trying the other (passively).

In the logs I currently see...

Mon Aug 24 13:18:28 2020 .1.3.6.1.6.3.1.1.5.5 Normal "Status Events" <server IP> - SNMP athentication failure

[scottwilkerson]

Mon Aug 24 13:18:28 2020 .1.3.6.1.6.3.1.1.5.5 Normal "Status Events" <server IP> - SNMP athentication failure

I wonder if this could be related to still having some services setup with mixed authentication as I had pointed out here

First, you are mixing 2c protocol with user and auth which are only used for version 3 protocol..

Also, what do you get when you run?

Code: Select all

snmpwalk -v 2c -c communityname <Server IP> -o .1.3.6.1.4.1.4184.2

[emartine]

I changed my check to:

#/usr/local/nagios/libexec/check_snmp -H <IP>-v 2c -C <communityname> -U <user> -A <pass> -o '.1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51'
/usr/bin/snmpget -Le -t 10 -r 5 -m '' -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51
iso.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51 = STRING: "<interfacename>"
SNMP OK - "<interfacename>" |

I also tried these:

#/usr/local/nagios/libexec/check_snmp -H <IP>-v 2c -C <communityname> -U <user> -A <pass> -o '.1.3.6.1.4.1.4184.2.3.*'
/usr/bin/snmpget -Le -t 10 -r 5 -m ALL -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.*
External command error: .1.3.6.1.4.1.4184.2.3.*: Unknown Object Identifier (Sub-id not found: enterprises -> *)

#/usr/local/nagios/libexec/check_snmp -H <IP>-v 3 -C <communityname> -U <user> -A <pass> -o '.1.3.6.1.4.1.4184.2.3.*'
/usr/bin/snmpget -Le -t 10 -r 5 -m ALL -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.*
External command error: .1.3.6.1.4.1.4184.2.3.*: Unknown Object Identifier (Sub-id not found: enterprises -> *)

#/usr/local/nagios/libexec/check_snmp -H <IP>-v 2c -C <communityname> -U <user> -A <pass> -o '.1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51'
/usr/bin/snmpget -Le -t 10 -r 5 -m '' -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51
iso.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51 = STRING: "<interfacename>"
SNMP OK - "<interfacename>" |

#/usr/local/nagios/libexec/check_snmp -H <IP>-v 3 -C <communityname> -U <user> -A <pass> -o '.1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51'
/usr/bin/snmpget -Le -t 10 -r 5 -m '' -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51
iso.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51 = STRING: "<interfacename>"
SNMP OK - "<interfacename>" |

[scottwilkerson]

You should not be adding

Code: Select all

 -U <user> -A <pass>

these are only for SNMP version 3

Also as stated earlier

I would ask the vendor what is the oid to the status for the interface that corresponds to the interface name that is listed in .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51

[emartine]

I change it to this:

/usr/local/nagios/libexec/check_snmp -H <IP> -v 2c -C <community name> -o '.1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51'
/usr/bin/snmpget -Le -t 10 -r 5 -m '' -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51
iso.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51 = STRING: "<interface name>"
SNMP OK - "<interface name>" |


I asked the vendor several times what the status OID is and they seem to be dodging the question. They either don't appear to know or don't want to tell me.

[scottwilkerson]

I change it to this:

/usr/local/nagios/libexec/check_snmp -H <IP> -v 2c -C <community name> -o '.1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51'
/usr/bin/snmpget -Le -t 10 -r 5 -m '' -v 1 [context] [authpriv] <IP>:161 .1.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51
iso.3.6.1.4.1.4184.2.3.2.1.1.12.73.67.79.80.50.52.49.53.72.48.65.72.7.51.77.95.83.70.51.51 = STRING: "<interface name>"
SNMP OK - "<interface name>" |


I asked the vendor several times what the status OID is and they seem to be dodging the question. They either don't appear to know or don't want to tell me.

That looks correct, the extra output is because you have the -v in there

Once you have the correct OID, you should be in business

best of luck getting it from them!