Skip to main content

Extending SNMP to run arbitrary shell script

Why are we here...

This is not likely something I would have pursued under normal circumstances.  I happen to be working for a customer/client who is not afforded a lot of flexibility to accomplish their goals.  In this case, the rigor is justified.  They have to sometimes be fairly creative with how they solve problems.

In this case they would like to utilize an existing snmp implementation to execute a command (or shell script) on a remote system.  They came to me with the idea of using Net-SNMP extend.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sect-System_Monitoring_Tools-Net-SNMP-Extending.html

NOTE:  This is NOT a good implementation strategy in the "real world"  it will simply allow you to test the functionality.  There are a TON of security implications which would need to be taken in to consideration.

Implementation Steps:

[root@rh7tst01 ~]# yum -y install net-snmp net-snmp-utils
[root@rh7tst01 ~]# cd /etc/snmp
[root@rh7tst01 snmp]# grep -v \# snmpd.conf | grep -v ^$
com2sec notConfigUser  default       public
group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser
view    systemview    included   .1.3.6.1.2.1.1
view    systemview    included   .1.3.6.1.2.1.25.1.1
view    systemview included   .1
access  notConfigGroup ""      any       noauth    exact  systemview none none
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
dontLogTCPWrappersConnects yes

-- Update/create snmpd.local.conf
[root@rh7tst01 snmp]# grep -v \# snmpd.local.conf
syscontact James Radtke <root@localhost>
syslocation Laptop, Virtual Machine

extend sshd_pids /usr/local/bin/check_proc.sh sshd

-- Restart and enable snmpd
[root@rh7tst01 snmp]# systemctl restart snmpd
[root@rh7tst01 snmp]# systemctl enable $_

-- Update the firewall
[root@rh7tst01 snmp]# firewall-cmd --permanent --add-port=161/udp
[root@rh7tst01 snmp]# firewall-cmd --reload
[root@rh7tst01 snmp]# cat /usr/local/bin/check_procs.sh
#!/bin/sh

 PATTERN=$1
NUMPIDS=`pgrep $PATTERN | wc -l`

 echo "There are $NUMPIDS $PATTERN processes."
exit $NUMPIDS


Test your config

[root@rh7tst01 snmp]# snmpwalk -v 2c -c public localhost NET-SNMP-EXTEND-MIB::nsExtendObjects
NET-SNMP-EXTEND-MIB::nsExtendNumEntries.0 = INTEGER: 1
NET-SNMP-EXTEND-MIB::nsExtendCommand."sshd_pids" = STRING: /usr/local/bin/check_proc.sh
NET-SNMP-EXTEND-MIB::nsExtendArgs."sshd_pids" = STRING: sshd
NET-SNMP-EXTEND-MIB::nsExtendInput."sshd_pids" = STRING: 
NET-SNMP-EXTEND-MIB::nsExtendCacheTime."sshd_pids" = INTEGER: 5
NET-SNMP-EXTEND-MIB::nsExtendExecType."sshd_pids" = INTEGER: exec(1)
NET-SNMP-EXTEND-MIB::nsExtendRunType."sshd_pids" = INTEGER: run-on-read(1)
NET-SNMP-EXTEND-MIB::nsExtendStorage."sshd_pids" = INTEGER: permanent(4)
NET-SNMP-EXTEND-MIB::nsExtendStatus."sshd_pids" = INTEGER: active(1)
NET-SNMP-EXTEND-MIB::nsExtendOutput1Line."sshd_pids" = STRING: There are 2 sshd processes.
NET-SNMP-EXTEND-MIB::nsExtendOutputFull."sshd_pids" = STRING: There are 2 sshd processes.
NET-SNMP-EXTEND-MIB::nsExtendOutNumLines."sshd_pids" = INTEGER: 1
NET-SNMP-EXTEND-MIB::nsExtendResult."sshd_pids" = INTEGER: 2
NET-SNMP-EXTEND-MIB::nsExtendOutLine."sshd_pids".1 = STRING: There are 2 sshd processes.

-- Now, figure out the OID location
[root@rh7tst01 ~]# snmptranslate -On NET-SNMP-EXTEND-MIB::nsExtendOutLine
.1.3.6.1.4.1.8072.1.3.2.4.1.2

-- Poll the OID
[root@rh7tst01 ~]# snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.8072.1.3.2.4.1.2
NET-SNMP-EXTEND-MIB::nsExtendOutLine."sshd_pids".1 = STRING: There are 4 sshd processes.

SNMP Foo

Review the man pages for the following helpful commands:
snmpd -H
snmpd -V -c /etc/snmp/snmpd.conf
snmpconf -g basic_setup




References:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sect-System_Monitoring_Tools-Net-SNMP-Extending.html
http://www.net-snmp.org/docs/mibs/NET-SNMP-EXTEND-MIB.txt
Labels:

Comments

Post a Comment

Popular posts from this blog

RHN Satellite Server (spacewalk) repomd.xml not found

"repomd.xml not found" If you add a channel, or if your RHN cache gets corrupted, and one of your guests complains that it cannot find repomd.xml for jb-ews-2-x86_64-server-5-rpm (for example) - you need to rebuild your repodata cache. Normally this is an automated job - which is exemplified by the fact that you have obviously built out your entire Satellite environment and never had to do any of the steps you are about to do. So - some prep work: Open 3 terminals to your Satellite Server and run: # Term 1 cd /var/cache/rhn watch "ls -l | wc -l" # Term 2 pwd cd /var/log/rhn tail -f rhn_taskomatic_daemon.log # Term 3 satellite-sync --channel=jb-ews-2-x86_64-server-5-rpm Once the satellite-sync has completed, you >should< see the count increment by one.  If you are unlucky (like me) you will not. You then need to login to the Satellite WebUI as the satellite admin user. Click on the Admin tab (at the top) Task Schedules (on the left) fin
Post a Comment
Read more

Install RHEL 7 on old HP DL380 g5

Someone at work had been running RHEL on an HP DL380 G5 and blew it up.  After several attempts at doing an installation that made me conclude the hardware was actually bad... I kept digging for the answer. Attempt install and Anaconda could not find any disks - try a Drivers Disk (dd.img) both cciss and hpsa.   -- once we did that, when the system would reboot it would say it could not find a disk. hmmm. Boot from your installation media and interrupt the startup at grub. Add hpsa.hpsa_allow_any=1 hpsa.hpsa_simple_mode=1 to the line starting with linuxefi press CTRL-X to boot. Once the system restarts after the install, you need to once again interrupt the startup and add the line from above. After the system starts, edit /etc/default/grub and add those 2 parameters to the end of the line starting with GRUB_CMDLINE_LINUX (which likely has quiet at the end of the line currently). then run # cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig # grub2-mkconfig -o /boot/grub2
Post a Comment
Read more

MOTD with colors! (also applies to shell profiles)

I'm not sure why I had never looked into this before, but this evening I became obsessed with discovering how to present different colored text in the /etc/motd. A person had suggested creating a shell script (rather than using special editing modes in vi, or something) and I agree that is the simplest way of getting this accomplished quickly. This most noteworthy portion of this script is the following: RESET="\033[0m" that puts the users shell back to the original color. I typically like a green text on black background. Also - a great reference for the different colors and font-type (underscore, etc...) https://wiki.archlinux.org/index.php/Color_Bash_Prompt I found this example on the web and I wish I could recall where so that I could provide credit to that person. #!/bin/bash #define the filename to use as output motd="/etc/motd" # Collect useful information about your system # $USER is automatically defined HOSTNAME=`uname -n` KERNEL=`un
1 comment
Read more