Install SNMP with Debian or Ubuntu
Configure the BigPanda agent to send monitoring alerts from SNMP.
The BigPanda agent is a low-footprint utility installed on the master host of your monitoring tool. It consumes alerts from the tool in real-time and then transmits them to BigPanda via TLS-encrypted HTTP calls.
Python Compatibility
To use the Open Integration Manager for Agent-based integrations, Python version>= 3.8.0 and an Agent version >= 10.2 are required.
Prerequisites
python >= 3.8 and python-pip3 should be installed prior to installing the bigpanda-agent and bigpanda-snmpd packages.
-
Ensure python3 is installed with the following command:
$ sudo apt install -y python3
-
Verify the install with the following commands:
$ python3 --version $ pip3 --version
Note: If pip3 was not installed as a dependency, it can be installed with sudo apt install -y python3-pip
.
Note: Access to JFrog, pypi, and yum repositories are required to install all dependencies.
Install the BigPanda Agent on Debian or Ubuntu
-
Ensure packages are installed prior to downloading the BigPanda agent package:
$ sudo apt update && sudo apt install -y gnupg2 curl lsb-release
-
Add the BigPanda repository and download the OpenPGP key:
$ echo deb https://bigpandaio.jfrog.io/artifactory/int-deb `lsb_release -c -s` main | sudo tee /etc/apt/sources.list.d/bigpanda.list $ curl -sL https://bigpandaio.jfrog.io/artifactory/api/security/keypair/bigpanda/public | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/bigpanda.gpg > /dev/null
- The
--dearmor
option is for unpacking input from an OpenPGP ASCII armored key. - Since
apt-key
is marked to be deprecated on future releases of Debian or Ubuntu, it is preferred to manage keyring files in trusted.gpg.d instead. - Note:
apt-key
can still be used in place of OpenPGP, but it is less secure.$ curl -sL https://bigpandaio.jfrog.io/artifactory/api/security/keypair/bigpanda/public | sudo apt-key add -
- The
-
Connect to the host where your SNMP trap server is installed, and install the BigPanda agent package:
$ sudo apt update $ sudo apt install -y bigpanda-agent
-
Install the BigPanda SNMP daemon:
$ sudo apt install -y bigpanda-snmpd
Configure the BigPanda Agent
-
Configure the agent to work with the Raw Alerts Transfer plugin by running the following commands:
$ sudo bigpanda-config --init --token <Your Org Bearer Token> $ sudo bigpanda-config --add rawalertstransfer --app-key <Your App Key>
Configure the BigPanda SNMP Agent
-
If any MIBs are not included by default, they need to be compiled and added manually:
$ cd /opt/bigpanda/bigpanda-snmpd/mib_compiler $ sudo ./compile_mib.sh --input-directory <path to MIBs> --output-directory /etc/bigpanda/snmpd/conf/
-
Modify Config Files
For MIBs that are to be monitored, their respective Event Configuration files must be added to the bigpanda-snmpd configuration file:
Edit
/etc/bigpanda/snmpd/snmp-daemon.json
, and add the paths to theevent_config
files to theprocessing.event-configs
array.For example:
$ sudo vim /etc/bigpanda/snmpd/snmp-daemon.json ... { <snip> "processing": { "mibs-dir": "/etc/bigpanda/snmpd/mibs", "event-configs": [ event_configs/example.json, <ADD EVENT CONFIGS HERE> ], "target-dir": "/var/lib/bigpanda/queue", "stress_test": false } </snip> }
Start the Services
-
Start the BigPanda agent and snmpd services by running the following commands:
$ sudo service bigpanda start $ sudo service bigpanda-snmpd start
Test the Integration
-
Install SNMP Utils:
$ sudo apt install -y snmp
-
Send the test SNMP v2 trap:
$ sudo snmptrap -v 2c -c public 127.0.0.1:5000 1 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-1" 1.3.6.1.2.1.1.1 s "SNMP trap test"
Note: Since it is a test message, it won’t be resolved automatically. Click Resolve incident in the BigPanda UI to manually resolve it.
-
Set up the config file to receive SNMP v3 traps:
Note: Network discovery must be performed to capture the engine id and user details prior to testing SNMP v3.
Add the security object to the snmp config file:
/etc/bigpanda/snmpd/snmp-daemon.json
."security": { "local_engine_id": "8000000001020304", "users": [ { "username": "panda", "level": "authPriv", "auth_protocol": "usmHMACSHAAuthProtocol", "privacy_protocol": "usmAesCfb128Protocol", "auth_key": "snmpauthpass123", "privacy_key": "snmpkeypass123", "engine_id": "8000000008675309" }, { "username": "new-panda", "level": "authPriv", "auth_protocol": "usmHMACSHAAuthProtocol", "privacy_protocol": "usmAesCfb128Protocol", "auth_key": "snmpauthpass123", "privacy_key": "snmpkeypass123", "engine_id": "8000000008888888" } ] },
Note:
local_engine_id
is the local client’s engine id, and can be ommitted. This engine id is generated in memory if not provided. -
Send an SNMP v3 test trap:
$ sudo snmptrap -v3 -e 0x8000000008675309 -u panda -l authPriv -a SHA -A snmpauthpass123 -x AES -X snmpkeypass123 127.0.0.1:5000 "" 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-v3" 1.3.6.1.2.1.1.1 s "SNMP v3 trap test"
Updated about 7 hours ago