Why are we here...
This is not likely something I would have pursued under normal circumstances. I happen to be working for a customer/client who is not afforded a lot of flexibility to accomplish their goals. In this case, the rigor is justified. They have to sometimes be fairly creative with how they solve problems.In this case they would like to utilize an existing snmp implementation to execute a command (or shell script) on a remote system. They came to me with the idea of using Net-SNMP extend.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sect-System_Monitoring_Tools-Net-SNMP-Extending.html
NOTE: This is NOT a good implementation strategy in the "real world" it will simply allow you to test the functionality. There are a TON of security implications which would need to be taken in to consideration.
Implementation Steps:
[root@rh7tst01 ~]# yum -y install net-snmp net-snmp-utils[root@rh7tst01 ~]# cd /etc/snmp
[root@rh7tst01 snmp]# grep -v \# snmpd.conf | grep -v ^$
com2sec notConfigUser default public
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
view systemview included .1
access notConfigGroup "" any noauth exact systemview none none
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
dontLogTCPWrappersConnects yes
-- Update/create snmpd.local.conf
[root@rh7tst01 snmp]# grep -v \# snmpd.local.conf
syscontact James Radtke <root@localhost>
syslocation Laptop, Virtual Machine
extend sshd_pids /usr/local/bin/check_proc.sh sshd
-- Restart and enable snmpd
[root@rh7tst01 snmp]# systemctl restart snmpd
[root@rh7tst01 snmp]# systemctl enable $_
-- Update the firewall
[root@rh7tst01 snmp]# firewall-cmd --permanent --add-port=161/udp
[root@rh7tst01 snmp]# firewall-cmd --reload
[root@rh7tst01 snmp]# cat /usr/local/bin/check_procs.sh
#!/bin/sh
PATTERN=$1
NUMPIDS=`pgrep $PATTERN | wc -l`
echo "There are $NUMPIDS $PATTERN processes."
exit $NUMPIDS
Test your config
[root@rh7tst01 snmp]# snmpwalk -v 2c -c public localhost NET-SNMP-EXTEND-MIB::nsExtendObjects
NET-SNMP-EXTEND-MIB::nsExtendNumEntries.0 = INTEGER: 1
NET-SNMP-EXTEND-MIB::nsExtendCommand."sshd_pids" = STRING: /usr/local/bin/check_proc.sh
NET-SNMP-EXTEND-MIB::nsExtendArgs."sshd_pids" = STRING: sshd
NET-SNMP-EXTEND-MIB::nsExtendInput."sshd_pids" = STRING:
NET-SNMP-EXTEND-MIB::nsExtendCacheTime."sshd_pids" = INTEGER: 5
NET-SNMP-EXTEND-MIB::nsExtendExecType."sshd_pids" = INTEGER: exec(1)
NET-SNMP-EXTEND-MIB::nsExtendRunType."sshd_pids" = INTEGER: run-on-read(1)
NET-SNMP-EXTEND-MIB::nsExtendStorage."sshd_pids" = INTEGER: permanent(4)
NET-SNMP-EXTEND-MIB::nsExtendStatus."sshd_pids" = INTEGER: active(1)
NET-SNMP-EXTEND-MIB::nsExtendOutput1Line."sshd_pids" = STRING: There are 2 sshd processes.
NET-SNMP-EXTEND-MIB::nsExtendOutputFull."sshd_pids" = STRING: There are 2 sshd processes.
NET-SNMP-EXTEND-MIB::nsExtendOutNumLines."sshd_pids" = INTEGER: 1
NET-SNMP-EXTEND-MIB::nsExtendResult."sshd_pids" = INTEGER: 2
NET-SNMP-EXTEND-MIB::nsExtendOutLine."sshd_pids".1 = STRING: There are 2 sshd processes.
-- Now, figure out the OID location
[root@rh7tst01 ~]# snmptranslate -On NET-SNMP-EXTEND-MIB::
.1.3.6.1.4.1.8072.1.3.2.4.1.2
-- Poll the OID
[root@rh7tst01 ~]# snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.8072.1.3.2.4.1.2
NET-SNMP-EXTEND-MIB::
[root@rh7tst01 ~]# snmpwalk -v 2c -c public localhost .1.3.6.1.4.1.8072.1.3.2.4.1.2
NET-SNMP-EXTEND-MIB::
SNMP Foo
Review the man pages for the following helpful commands:
snmpd -H
snmpd -V -c /etc/snmp/snmpd.confsnmpconf -g basic_setup
References:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sect-System_Monitoring_Tools-Net-SNMP-Extending.htmlhttp://www.net-snmp.org/docs/mibs/NET-SNMP-EXTEND-MIB.txt
Comments
Post a Comment