We need help in monitoring through SNMP.
We are currently using ICMP for monitoring all the servers, but due to a lot of network issues, we are very often receiving false alerts.
Can you suggest what all issues will we face if we change from ICMP to SNMP.
Also, the procedure that we should follow to implement ICMP for all the servers(Windows/Linux,etc).
Use SNMP instead of ICMP
Re: Use SNMP instead of ICMP
Using SNMP is no different than checking via HTTP, for instance. You will issue a request (an SNMP "GET") and wait for a response. Optionally, you can parse that response to see if certain information that you are expecting to find is actually returned.
The risks/rewards are the same as any other service check - the biggest of which is that the response will be delayed longer than Nagios considers acceptable, and the service will be marked as failed.
The easiest path forward is to change your base host templates (generic-host, generic-switch, whatever you use as your most lowest-level template) to change the check_command from a check_ping or check_icmp type command to be one that you specify to use SNMP such as check_snmp. If you use check_snmp, then the ARG1 parameter must contain everything you want to pass to the service check (basically, an snmpget command) so you can query any OID/MIB/whatever you want to look at to see if the host responds.
This is just a "pointer in the right direction" so if you need more specific help, feel free to ask.
The risks/rewards are the same as any other service check - the biggest of which is that the response will be delayed longer than Nagios considers acceptable, and the service will be marked as failed.
The easiest path forward is to change your base host templates (generic-host, generic-switch, whatever you use as your most lowest-level template) to change the check_command from a check_ping or check_icmp type command to be one that you specify to use SNMP such as check_snmp. If you use check_snmp, then the ARG1 parameter must contain everything you want to pass to the service check (basically, an snmpget command) so you can query any OID/MIB/whatever you want to look at to see if the host responds.
This is just a "pointer in the right direction" so if you need more specific help, feel free to ask.
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
-
raamardhani7
- Posts: 459
- Joined: Tue Jun 02, 2015 12:36 am
Re: Use SNMP instead of ICMP
Hi Eloyd,
Thanks a lot for your response on this. We need to use the best possible one to limit the false alerts. For ICMP ping check, we havent selected anything. Do you want us to change the command to check via http? or any other alternate suggestion you can advise?
Thanks a lot for your response on this. We need to use the best possible one to limit the false alerts. For ICMP ping check, we havent selected anything. Do you want us to change the command to check via http? or any other alternate suggestion you can advise?
eloyd wrote:Using SNMP is no different than checking via HTTP, for instance. You will issue a request (an SNMP "GET") and wait for a response. Optionally, you can parse that response to see if certain information that you are expecting to find is actually returned.
The risks/rewards are the same as any other service check - the biggest of which is that the response will be delayed longer than Nagios considers acceptable, and the service will be marked as failed.
The easiest path forward is to change your base host templates (generic-host, generic-switch, whatever you use as your most lowest-level template) to change the check_command from a check_ping or check_icmp type command to be one that you specify to use SNMP such as check_snmp. If you use check_snmp, then the ARG1 parameter must contain everything you want to pass to the service check (basically, an snmpget command) so you can query any OID/MIB/whatever you want to look at to see if the host responds.
This is just a "pointer in the right direction" so if you need more specific help, feel free to ask.
-
kyang
Re: Use SNMP instead of ICMP
@raamardhani7,
As eloyd mentioned, SNMP and HTTP are no different.
Could you just use the check_host_alive_http? It's pretty much check_http, but in XI it's check_host_alive_http.
If the host is up then OK, if the host if down then Critical.
https://assets.nagios.com/downloads/nag ... 1508333804
As eloyd mentioned, SNMP and HTTP are no different.
Could you just use the check_host_alive_http? It's pretty much check_http, but in XI it's check_host_alive_http.
Code: Select all
$USER1$/check_http -H $HOSTADDRESS$https://assets.nagios.com/downloads/nag ... 1508333804