Install SNMP with Debian or Ubuntu

Configure the BigPanda agent to send monitoring alerts from SNMP.

The BigPanda agent is a low-footprint utility installed on the master host of your monitoring tool. It consumes alerts from the tool in real-time and then transmits them to BigPanda via TLS-encrypted HTTP calls.

❗️

Python Compatibility

To use the Open Integration Manager for Agent-based integrations, Python version>= 3.8.0 and an Agent version >= 10.2 are required.

Prerequisites

python >= 3.8 and python-pip3 should be installed prior to installing the bigpanda-agent and bigpanda-snmpd packages.

  1. Ensure python3 is installed with the following command:

    $ sudo apt install -y python3
    
  2. Verify the install with the following commands:

    $ python3 --version
    $ pip3 --version
    

Note: If pip3 was not installed as a dependency, it can be installed with sudo apt install -y python3-pip.

Note: Access to JFrog, pypi, and yum repositories are required to install all dependencies.

Install the BigPanda Agent on Debian or Ubuntu

  1. Ensure packages are installed prior to downloading the BigPanda agent package:

    $ sudo apt update && sudo apt install -y gnupg2 curl lsb-release
    
  2. Add the BigPanda repository and download the OpenPGP key:

    $ echo deb https://bigpandaio.jfrog.io/artifactory/int-deb `lsb_release -c -s` main | sudo tee /etc/apt/sources.list.d/bigpanda.list
    $ curl -sL https://bigpandaio.jfrog.io/artifactory/api/security/keypair/bigpanda/public | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/bigpanda.gpg > /dev/null
    
    • The --dearmor option is for unpacking input from an OpenPGP ASCII armored key.
    • Since apt-key is marked to be deprecated on future releases of Debian or Ubuntu, it is preferred to manage keyring files in trusted.gpg.d instead.
    • Note: apt-key can still be used in place of OpenPGP, but it is less secure.
      $ curl -sL https://bigpandaio.jfrog.io/artifactory/api/security/keypair/bigpanda/public | sudo apt-key add -
      
  3. Connect to the host where your SNMP trap server is installed, and install the BigPanda agent package:

    $ sudo apt update
    $ sudo apt install -y bigpanda-agent
    
  4. Install the BigPanda SNMP daemon:

    $ sudo apt install -y bigpanda-snmpd
    

Configure the BigPanda Agent

  1. Configure the agent to work with the Raw Alerts Transfer plugin by running the following commands:

            $ sudo bigpanda-config --init --token <Your Org Bearer Token>
            $ sudo bigpanda-config --add rawalertstransfer --app-key <Your App Key>
    

Configure the BigPanda SNMP Agent

  1. If any MIBs are not included by default, they need to be compiled and added manually:

    $ cd /opt/bigpanda/bigpanda-snmpd/mib_compiler
    $ sudo ./compile_mib.sh --input-directory <path to MIBs> --output-directory /etc/bigpanda/snmpd/conf/
    
  2. Modify Config Files

    For MIBs that are to be monitored, their respective Event Configuration files must be added to the bigpanda-snmpd configuration file:

    Edit /etc/bigpanda/snmpd/snmp-daemon.json, and add the paths to the event_config files to the processing.event-configs array.

    For example:

     $ sudo vim /etc/bigpanda/snmpd/snmp-daemon.json
    
     ...
    
     {
       <snip>
       "processing": {
         "mibs-dir": "/etc/bigpanda/snmpd/mibs",
         "event-configs": [
           event_configs/example.json,
           <ADD EVENT CONFIGS HERE>
         ],
         "target-dir": "/var/lib/bigpanda/queue",
         "stress_test": false
       }
       </snip>
     }
    

Start the Services

  1. Start the BigPanda agent and snmpd services by running the following commands:

    $ sudo service bigpanda start
    $ sudo service bigpanda-snmpd start
    

Test the Integration

  1. Install SNMP Utils:

    $ sudo apt install -y snmp
    
  2. Send the test SNMP v2 trap:

    $ sudo snmptrap -v 2c -c public 127.0.0.1:5000 1 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-1" 1.3.6.1.2.1.1.1 s "SNMP trap test"
    

    Note: Since it is a test message, it won’t be resolved automatically. Click Resolve incident in the BigPanda UI to manually resolve it.

  3. Set up the config file to receive SNMP v3 traps:

    Note: Network discovery must be performed to capture the engine id and user details prior to testing SNMP v3.

    Add the security object to the snmp config file: /etc/bigpanda/snmpd/snmp-daemon.json.

          "security": {
              "local_engine_id": "8000000001020304",
              "users": [
              {
                  "username": "panda",
                  "level": "authPriv",
                  "auth_protocol": "usmHMACSHAAuthProtocol",
                  "privacy_protocol": "usmAesCfb128Protocol",
                  "auth_key": "snmpauthpass123",
                  "privacy_key": "snmpkeypass123",
                  "engine_id": "8000000008675309"
              },
              {
                  "username": "new-panda",
                  "level": "authPriv",
                  "auth_protocol": "usmHMACSHAAuthProtocol",
                  "privacy_protocol": "usmAesCfb128Protocol",
                  "auth_key": "snmpauthpass123",
                  "privacy_key": "snmpkeypass123",
                  "engine_id": "8000000008888888"
              }
            ]
          },
    

    Note: local_engine_id is the local client’s engine id, and can be ommitted. This engine id is generated in memory if not provided.

  4. Send an SNMP v3 test trap:

    $ sudo snmptrap -v3 -e 0x8000000008675309 -u panda -l authPriv -a SHA -A snmpauthpass123 -x AES -X snmpkeypass123 127.0.0.1:5000 "" 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-v3" 1.3.6.1.2.1.1.1 s "SNMP v3 trap test"