Adding a Host to Monitor to LibreNMS

LibreNMS is a monitoring tool that supports auto-discovery with multiple protocols, including SNMP, ARP, OSPF, and BGP. To monitor operating systems, you can use the SNMP protocol, which is available on most OS, including Linux, Windows, and BSDs.

There are three versions of SNMP Protocol, v1 and v2 which are secured with only a community password, and the protocol v3 which supports passwords for authentication and encryption. For the production environment, it's recommended to use the SNMP protocol v3, which is more secure than v2 and v1.

In this article, you will learn how to add hosts to the LibreNMS monitoring system using the SNMP protocol.

Prerequisites

Before you get started, you must complete the LibreNMS installation below:

How to Install LibreNMS on the Debian 11 Bullseye

For this example, we will use the following environment.

LibreNMS Monitoring Server

  • Operating System: Debian 11 Bullseye
  • Hostname: bullseye64
  • IP Address: 192.168.1.1.100

Host/Client Machine

  • Operating system: Debian 11 Bullseye
  • Hostname: host01
  • IP Address: 192.168.1.50

Now let's begin.

Install SNMP on the Host Machine

First, you will be installing SNMP packages to the host machines.

1. Connect to the host machine and update repositories using the following command.

sudo apt update

2. Now install SNMP packages using the apt command below.

sudo apt install snmpd snmp libsnmp-dev

Type 'y' to confirm the installation and press 'Enter' to continue.

3. After SNMP installation completes, start and enable the snmpd service using the following command.

sudo systemctl enable --now snmpd

Now verify the snmpd service using the command below.

sudo systemctl status snmpd

Ensure the snmpd service is active and running.

Setup SNMP Protocol v3 Authentication and Encryption

The SNMP protocol supports three different versions, v1, v2, and v3. The LibreNMS monitoring tool supports all three protocols. And for security reasons, it's recommended to use the SNMP protocol v3.

The SNMP protocol v1 and v2 provide simple authentication. But the SNMP protocol v3 provides the authentication through MD5 and SHA hash algorithm and the data encryption through AES and DES.

In this step, you will be creating a new snmpd user for the protocol v3 on the host machine.

1. Before creating a new SNMP user, backup the default configuration and stop the snmpd service using the stop service

cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
sudo systemctl stop snmpd.service

2. Now execute the 'net-snmp-create-v3-user' command below to create a new SNMP user with password authentication and password encryption.

For this example, you will be creating a new user 'snmpdadmin' with the password authentication 'StrongAuthPass' and the password encryption 'StrongEncPass'.

net-snmp-create-v3-user -ro -A StrongAuthPass -a SHA -X StrongEncPass -x AES snmpadmin

Now you will see similar error messages as below, and you will be fixing this error on the next step.

adding the following line to /var/lib/snmp/snmpd.conf:
   createUser snmpadmin SHA "StrongAuthPass" AES "StrongEncPass"
adding the following line to /snmp/snmpd.conf:
   rouser snmpadmin
touch: cannot touch '/snmp/snmpd.conf': No such file or directory
/usr/bin/net-snmp-create-v3-user: 144: cannot create /snmp/snmpd.conf: Directory nonexistent

To fix this error, you must edit the configuration to the SNMP configuration file '/etc/snmp/snmpd.conf' and '/var/lib/snmp/snmpd.conf'.

Options you must know:

  • -ro: Giving the new user read-only permission.
  • -A: Setup password authentication for the new user.
  • -a: Specify hash algorithm for password authentication. Supports hash MD5 and SHA.
  • -X: Setup password encryption for the new user.
  • -x: Specify the password encryption algorithm. Supports AES and DES.
  • snmpadmin: A user that you will be creating.

3. Next, edit the SNMP configuration '/etc/snmp/snmpd.conf' using nano editor.

sudo nano /etc/snmp/snmpd.conf

On the 'agentaddress' option, add the host machine's internal network. In this example, the host machine has an IP address '192.168.1.50'.

agentaddress  127.0.0.1,[::1],192.168.1.50

Now paste the following configuration to the bottom of the line. This configuration will enable user 'snmpadmin' with the read-only permission.

rouser snmpadmin

Save the configuration and exit.

4. Next, edit the SNMP data configuration '/var/lib/snmp/snmpd.conf' using nano editor.

sudo nano /var/lib/snmp/snmpd.conf

Copy and paste the following configuration to the bottom of the line.

createUser snmpadmin SHA "StrongAuthPass" AES "StrongEncPass"

Save the configuration and exit, and you've completed the basic configuration of the SNMP v3 protocol.

5. Now execute the following command to start the snmpd service.

sudo systemctl start snmpd.service

The snmpd service is running on the internal IP address '192.168.1.50' with the SNMP protocol v3.

Verify SNMP Service Authentication

To verify the SNMP configuration on the host machine, you can use the command 'snmpwalk'. This tool can be used to query the system information of remote hosts using the SNMP protocol.

1. From the host machine, execute the snmpwalk command below.

snmpwalk -v3 -a SHA -A StrongAuthPass -x AES -X StrongEncPass -l authPriv -u snmpadmin localhost | head

If your SNMP configuration is correct, you will see the host system information as below.

Verify SNMP from Host machine

2. Next, move to the LibreNMS server and query the host machine on IP address '192.168.1.50' using the snmpwalk command below.

snmpwalk -v3 -a SHA -A StrongAuthPass -x AES -X StrongEncPass -l authPriv -u snmpadmin 192.168.1.50 | head

If your configuration is correct, you will see host machine information as below.

Verify SNMP from LibreNMS Server

Now you've completes the installation and configuration of SNMP with protocol v3 and the password authentication and password encryption.

Setup SNMP Extend to the Host Machine

On LibreNMS, you can use three different methods to monitor hosts and applications:

  1. Direct connection to the application
  2. Using SNMP Extend
  3. Using LibreNMS Agent

In this step, you will learn how to monitor a system or application using the LibreNMS monitoring tool with the SNMP Extend method.

To use the SNMP Extend method, you must download the check command script from the following URL.

https://github.com/librenms/librenms-agent/tree/master/snmp

1. For this example, you will be downloading the check command script 'distro' to detect the host operating system.

Download the check command to the '/usr/local/bin' directory and make it executable using the following command.

curl -o /usr/local/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/local/bin/distro

2. Next, edit the SNMP configuration '/etc/snmp/snmpd.conf' using nano editor.

sudo nano /etc/snmp/snmpd.conf

Paste the following configuration to the bottom of the line.

extend distro /usr/local/bin/distro

Save the configuration and exit.

3. Now restart the snmpd service to apply a new configuration.

sudo systemctl restart snmpd

Now you've completed the basic configuration of LibreNMS monitoring with the SNMP Extend method.

And you're ready to add the Host machine to the LibreNMS monitoring tool.

Add Hosts To LibreNMS Monitoring Tool

Log in to your LibreNMS monitoring tool and move to the menu 'Devices', then click the menu 'Add Device'.

1. Type details devices using the following configuration

  • Hostname: 192.168.1.50 (Host machine IP address).
  • SNMP Version: Protocol v3 on the default port 161 with UDP transport.
  • Auth Level: authPriv
  • Auth User Name: snmpadmin
  • Auth Password: StrongAuthPass
  • Crypto Password: StrongEncPass

Now click the button 'Add Device'.

LibreNMS Add Host/Devices

2. Now wait for some minutes and let the LibreNMS monitoring tool gathers system details from the host machine.

Click the menu 'Devices' and click 'Servers' to get a list of all available devices.

You will see the host machine available on the list server as below.

LibreNMS List Hosts

3. Click the IP address of the host machine to get all details monitoring.

You will see a similar detailed host machine as below.

LibreNMS Hosts

Additionally, below is the graph of the system host machine.

Graph of Servers

Now you've successfully added a host to monitor to the LibreNMS.

Conclusion

Congratulations! You've learned how to add hosts to the LibreNMS monitoring tool using the SNMP protocol v3. Also, you've learned the basic configuration of SNMP for creating a new using and using the protocol v3 with authentication and encryption.

For the next step, you can add additional check commands through the SNMP Extend to monitor other applications. or you can explore other methods to monitor systems and applications using the LibreNMS agent.

Share this page:

0 Comment(s)