Install SNMP with RedHat or CentOS

Configure the BigPanda agent to send monitoring alerts from SNMP.

The BigPanda agent is a low-footprint utility installed on the master host of your monitoring tool. It consumes alerts from the tool in real-time and then transmits them to BigPanda via TLS-encrypted HTTP calls.

❗️

Python Compatibility

To use the Open Integration Manager for Agent-based integrations, Python version>= 3.8.0 and an Agent version >= 10.2 are required.

Prerequisites

python >= 3.8.0 is required for the latest version of the BigPanda Agent, and will be installed by the BigPanda Agent installer if it does not exist.

  1. Ensure python3 is installed with the following command:

    $ sudo yum install -y python3
    
  2. Verify the install with the following commands:

    $ python3 --version
    $ pip3 --version
    

Note: If pip3 was not installed as a dependency, it can be installed with sudo yum install -y python3-pip.

Note: Access to JFrog, pypi, and yum repositories are required to install all dependencies.

Install the BigPanda Agent on RedHat or CentOS

  1. Add a new yum repository to download the BigPanda agent and BigPanda snmpd packages:

     $ sudo vim /etc/yum.repos.d/bigpanda.repo
    
     ...
    
     [BigPanda]
     name=BigPanda
     baseurl=https://bigpandaio.jfrog.io/artifactory/int-rpm/bigpanda/agents/
     enabled=1
     gpgcheck=0
     gpgkey=https://bigpandaio.jfrog.io/artifactory/int-rpm/bigpanda/agents/repodata/repomd.xml.key
     repo_gpgcheck=1
    
  2. Update the yum repos list to add the BigPanda repo.

    $ sudo yum update
    
  3. List all available packages with duplicates in the BigPanda repo.

     $ sudo yum list --showduplicates bigpanda* | expand
    
     This system is not registered with an entitlement server. You can use subscription-manager to register.
    
     Available Packages
     bigpanda-agent.x86_64                    9.0.1-1.el7                    BigPanda
     bigpanda-agent.x86_64                    9.0.1-1.el8                    BigPanda
     bigpanda-agent.x86_64                    9.1.0-1.el7                    BigPanda
     bigpanda-agent.x86_64                    9.1.0-1.el8                    BigPanda
     bigpanda-snmpd.x86_64                    3.1.0-1.el7                    BigPanda
     bigpanda-snmpd.x86_64                    3.1.0-1.el8                    BigPanda
    

    Note: RHEL or Centos does not send the OS version to JFrog, so we need to cherrypick the correct version for the OS.

  4. Install the BigPanda agent and snmpd packages.

     $ sudo yum install bigpanda-agent-<version-number>
     $ sudo yum install bigpanda-snmpd-<version-number>
    

    Note: Append the version number to the package name, (i.e. bigpanda-agent-9.1.0-1.el7).

Configure the BigPanda Agent

  1. Configure the agent to work with the Raw Alerts Transfer plugin by running the following commands:

            $ sudo bigpanda-config --init --token <Your Org Bearer Token>
            $ sudo bigpanda-config --add rawalertstransfer --app-key <Your App Key>
    

Configure the BigPanda SNMP Agent

  1. If any MIBs are not included by default, they need to be compiled and added manually:

    $ cd /opt/bigpanda/bigpanda-snmpd/mib_compiler
    $ sudo ./compile_mib.sh --input-directory <path to MIBs> --output-directory /etc/bigpanda/snmpd/conf/
    
  2. Modify Config Files

    For MIBs that are to be monitored, their respective Event Configuration files must be added to the bigpanda-snmpd configuration file:

    Edit /etc/bigpanda/snmpd/snmp-daemon.json, and add the paths to the event_config files to the processing.event-configs array.

    For example:

     $ sudo vi /etc/bigpanda/snmpd/snmp-daemon.json
    
     ...
    
     {
       <snip>
       "processing": {
         "mibs-dir": "/etc/bigpanda/snmpd/mibs",
         "event-configs": [
           event_configs/example.json,
           <ADD EVENT CONFIGS HERE>
         ],
         "target-dir": "/var/lib/bigpanda/queue",
         "stress_test": false
       }
       </snip>
     }
    

Start the Services

  1. Start the BigPanda agent and snmpd services by running the following commands:

    • For RHEL or Centos 7 and RHEL or Centos 8:
      $ sudo service bigpanda start
      $ sudo service bigpanda-snmpd start
      
  2. Verify the agents have started:

    $ systemctl status bigpanda
    $ systemctl status bigpanda-snmpd
    

Troubleshooting

  • You should have the snmpd directory with the snmp-daemon.json config file located at /etc/bigpanda/snmpd/snmp-daemon.json.
  • If the configs are missing or the package did not set up correctly, remove the package and reinstall.
  $ sudo service bigpanda stop
  $ sudo service bigpanda-snmpd stop

  $ sudo yum reinstall -y bigpanda
  $ sudo yum reinstall -y bigpanda-snmpd

Test the Integration

  1. Install SNMP Utils:

    $ sudo yum install -y net-snmp-utils
    
  2. Send the test SNMP v2 trap:

    $ sudo snmptrap -v 2c -c public 127.0.0.1:5000 1 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-1" 1.3.6.1.2.1.1.1 s "SNMP trap test"
    

    Note: Since it is a test message, it won’t be resolved automatically. Click Resolve incident in the BigPanda UI to manually resolve it.

  3. Set up the config file to receive SNMP v3 traps:

    • Note: Network discovery must be performed to capture the engine id and user details prior to testing SNMP v3.
    • Add the security object to the snmp config file: /etc/bigpanda/snmpd/snmp-daemon.json.
            "security": {
                "local_engine_id": "8000000001020304",
                "users": [
                {
                    "username": "panda",
                    "level": "authPriv",
                    "auth_protocol": "usmHMACSHAAuthProtocol",
                    "privacy_protocol": "usmAesCfb128Protocol",
                    "auth_key": "snmpauthpass123",
                    "privacy_key": "snmpkeypass123",
                    "engine_id": "8000000008675309"
                },
                {
                    "username": "new-panda",
                    "level": "authPriv",
                    "auth_protocol": "usmHMACSHAAuthProtocol",
                    "privacy_protocol": "usmAesCfb128Protocol",
                    "auth_key": "snmpauthpass123",
                    "privacy_key": "snmpkeypass123",
                    "engine_id": "8000000008888888"
                }
              ]
            },
      
      Note: local_engine_id is the local client’s engine id, and can be omitted. This engine id is generated in memory if not provided.
  4. Send an SNMP v3 test trap:

    $ sudo snmptrap -v3 -e 0x8000000008675309 -u panda -l authPriv -a SHA -A snmpauthpass123 -x AES -X snmpkeypass123 127.0.0.1:5000 "" 1.3.6.1.2.1.1 1.3.6.1.2.1.1.5 s "production-switch-v3" 1.3.6.1.2.1.1.1 s "SNMP v3 trap test"