Author: @Carsten
Revision: v1.0
Tested with:
- AIX 7.x (but should also workk with 6.x or VIO 2.x/3.x)
- SNMPdv3
This howto will show you how to enable full snmp capability for AIX to monitor everything with snmp requests.
I use snmpv3 in this howto, mainly because of PowerHA is used too.
SNMPDv3 configuration
- Edit /etc/snmpdv3.conf and add / or replace lines with this
VACM_GROUP group1 SNMPv1 public -
VACM_GROUP group1 SNMPv2c public -
VACM_VIEW defaultView internet - included -
VACM_VIEW defaultView 1.3.6.1.4.1.2.2.1.1.1.0 - included -
VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191.1.6 - included -
# exclude snmpv3 related MIBs from the default view
VACM_VIEW defaultView snmpModules - excluded -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -
# exclude aixmibd managed MIBs from the default view
VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -
# Added for icinga
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.3 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.6 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.3 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.6 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.7 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.8 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.9 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.10 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.5 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.2 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.7 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.1 - included -
VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.2 - included -
VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
VACM_ACCESS group1 - - noAuthNoPriv SNMPv2c defaultView - defaultView -
COMMUNITY public public noAuthNoPriv 0.0.0.0 0.0.0.0 -
Change public to whatever you want to use as community.
If you want to allow access from 1 IP or a network you have to change this line
COMMUNITY public public noAuthNoPriv 0.0.0.0 0.0.0.0 -
For example you want only access from one ip (10.10.10.10)
COMMUNITY public public noAuthNoPriv 10.10.10.10 255.255.255.255 -
Or if you want to allow from a network (20.20.0.0/16)
For example you want only access from one ip (10.10.10.10)
COMMUNITY public public noAuthNoPriv 20.20.0.0 255.255.0.0 -
Restart snmpd daemon
stopsrc -s snmpd && startsrc -s snmpd
Test with snmpwalk
snmpwalk -v2c -m all -c public 10.10.10.10
You should now get a (really) long list
SNMPv2-MIB::sysDescr.0 = STRING: IBM PowerPC CHRP Computer
Machine Type: 0x0800004c Processor id: 00C026F04B00
Base Operating System Runtime AIX version: 07.02.0003.0015
TCP/IP Client Core Support version: 07.02.0003.0015
SNMPv2-MIB::sysObjectID.0 = OID: IBM-3200-MIB::ibm.3.1.2.1.1.3
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (495200) 1:22:32.00
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: Hurz
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 72
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (300) 0:00:03.00
SNMPv2-MIB::sysORID.1 = OID: IBM-3200-MIB::ibm.3.1.2.1.1.3
SNMPv2-MIB::sysORID.2 = OID: HOST-RESOURCES-MIB::host
SNMPv2-MIB::sysORID.3 = OID: IBM-3200-MIB::ibmProd.191
SNMPv2-MIB::sysORID.4 = OID: IBM-3200-MIB::ibm.3.1.2.1.6
SNMPv2-MIB::sysORDescr.1 = STRING: AIX SNMP Agent
SNMPv2-MIB::sysORDescr.2 = STRING: Host Resources DPI sub-agent Version 1
SNMPv2-MIB::sysORDescr.3 = STRING: AIX Enterprise MIB Support subagent
SNMPv2-MIB::sysORDescr.4 = STRING: AIX SNMP MIB SubAgent
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (300) 0:00:03.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (300) 0:00:03.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (300) 0:00:03.00
IF-MIB::ifNumber.0 = INTEGER: 3
IF-MIB::ifIndex.1 = INTEGER: 1
IF-MIB::ifIndex.2 = INTEGER: 2
IF-MIB::ifIndex.3 = INTEGER: 3
IF-MIB::ifDescr.1 = STRING: en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available!
IF-MIB::ifDescr.2 = STRING: en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available!
IF-MIB::ifDescr.3 = STRING: lo0
....
Fix strange interface names for nwc_health
AIX has some strange interfacenames (i did not found a way to change them), which leads to very long output of nwc_health
SNMP ouput:
IF-MIB::ifDescr.1 = STRING: en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available!
IF-MIB::ifDescr.2 = STRING: en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available!
Example nwc_health output:
# /usr/lib64/nagios/plugins/check_nwc_health --community public --hostname 10.10.10.10 --mode interface-usage --protocol 2c
OK - interface en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! usage is in:0.00% (8744.42bit/s) out:0.00% (10912.21bit/s), interface en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! usage is in:0.45% (19299163.35bit/s) out:0.33% (14331899.87bit/s), interface lo0 usage is in:0.00% (820.29bit/s) out:0.00% (820.29bit/s) | 'en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _usage_in'=0.00%;80;90;0;100 'en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _usage_out'=0.00%;80;90;0;100 'en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _traffic_in'=8744.42;3435973835.2;3865470564.6;0;4294967294 'en0; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _traffic_out'=10912.21;3435973835.2;3865470564.6;0;4294967294 'en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _usage_in'=0.45%;80;90;0;100 'en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _usage_out'=0.33%;80;90;0;100 'en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _traffic_in'=19299163.35;3435973835.2;3865470564.6;0;4294967294 'en1; Product: Virtual I/O Ethernet Adapter (l-lan) Manufacturer: not available! Part Number: not available! FRU Number: not available! _traffic_out'=14331899.87;3435973835.2;3865470564.6;0;4294967294 'lo0_usage_in'=0%;80;90;0;100 'lo0_usage_out'=0%;80;90;0;100 'lo0_traffic_in'=820.29;0;0;0;0 'lo0_traffic_out'=820.29;0;0;0;0
We want to see only en1_(usage|traffic).* so we have to modify the perfdata output and the message output.
# /usr/lib64/nagios/plugins/check_nwc_health --community public --hostname 10.10.10.10 --mode interface-usage --morphmessage '([[:word:]]+) - (interface en\d+).*(usage is .*)=$1 - $2 $3' --morphperfdata '(en\d+).* _(.*)=$1_$2' --protocol 2c --regexp
OK - interface en0 usage is in:0.00% (758.82bit/s) out:0.00% (758.82bit/s) | 'en0_usage_in'=0.00%;80;90;0;100 'en0_usage_out'=0.00%;80;90;0;100 'en0_traffic_in'=9124.24;3435973835.2;3865470564.6;0;4294967294 'en0_traffic_out'=6921.18;3435973835.2;3865470564.6;0;4294967294 'en1_usage_in'=0.26%;80;90;0;100 'en1_usage_out'=0.22%;80;90;0;100 'en1_traffic_in'=11116618.57;3435973835.2;3865470564.6;0;4294967294 'en1_traffic_out'=9371839.65;3435973835.2;3865470564.6;0;4294967294 'lo0_usage_in'=0%;80;90;0;100 'lo0_usage_out'=0%;80;90;0;100 'lo0_traffic_in'=758.82;0;0;0;0 'lo0_traffic_out'=758.82;0;0;0;0
Example Service with fix interface names
apply Service "Interface Usage" {
import "generic-service"
check_command = "nwc_health2"
vars.nwc_health_mode = "interface-usage"
vars.nwc_health_report = "short"
vars.nwc_health_community = "public"
vars.nwc_health_protocol = "2c"
vars.nwc_health_morphperfdata = "(en\\d+).* _(.*)=$$1_$$2"
vars.nwc_health_morphmessage = "([[:word:]]+) - (interface en\\d+).*(usage is .*)=$$1 - $$2 $$3"
vars.nwc_health_regexp = true
assign where host.name in ["Hurz"]
}
This will need a change to the nwc_health command (PR soon), because it misses the --morphmessageparameter.
You can add it with this nwc_health2 commando definition
object CheckCommand "nwc_health2" {
import "nwc_health"
arguments += {
"--morphmessage" = {
value = "$nwc_health_morphmessage$"
description = "Modify the final output message"
}
}
}
Regards,
Carsten