How-To: Monitor your servers with SNMP and Cacti

3 minute read

SNMP (Simple Network Management Protocol) is a protocol for managing networks. Each managed entity in the network will run an snmp server (snmpd) which is going to collect datas from the server such as networking, load, cpu …

Cacti on the other hand is a frontend to the RRDTool with SNMP support. It collects and keep data in a MySQL database and display them through a PHP web frontend.

This tutorial will show how to configure the network manager to use Cacti and how to set up snmp on the managed host.

In this how-to, we are going to run the SNMP server and cacti on the same host and bind the service to localhost. This way, SNMP service won’t be accessible from the outside. This is a good configuration when all you want to do is monitoring your home network router for instance.

If you intend to deploy this on a network, just keep in mind that SNMP server as to accept connection from the manager network wise (The remote IP need to be able to connect to the server) and within SNMPD configuration (The service as to return collected datas to the manager).

In the first part of this article, we are going to install and configure the SNMP server.

A second part will present how to install and configure Cacti on the manager.

Finally, we are going to configure Cacti to collect and display CPU, Load, Memory and Network statistic of the SNMP server.

This article was made using Debian Etch and Ubuntu Feisty but should also work out of the box for previous version of those distributions.

1. SNMPD

SNMPD is the service running SNMP on a managed entity. SNMP comes in 3 versions. Version 1, the one we are going to use here is not secured, therefore we are going to make sure that only localhost is going to be able to access it.

People opening the service to the outside should make sure that trusted hosts can access the service either though the use of iptables or through the use of /etc/hosts.allow.

1.1. Installing the SNMP server

The only package which is required on the server site is snmpd, the SNMP daemon.

To install it type:

sudo apt-get install snmpd

snmpd is now installed but we still have to tweak it a little bit to make it work as we want.

1.2. Configuring SNMPD

The first thing we want to make sure is that snmpd is only going to wait for connections on localhost. To do this, edit file /etc/default/snmpd and make sure those values are set:

SNMPDRUN=yes
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

If you want your server to listen on all interfaces, remove the 127.0.0.1 bit.

This setting will make sure that the service will be started and that the service is going to bind to localhost.

Finally, we are going to configure snmpd in such a way that it will only return datas to trusted host for a specific community.

Edit /etc/snmp/snmpd.conf and make sure that com2sec it only set to:

com2sec readonly localhost mycommunity

If you want a remote machine to be able to gather information for the community mycommunity, make sure you replace localhost by mynetwork, where mynetwork can be of the form: 1.1.1.1 or 1.1.0.0/16.

1.3. Checking SNMP configuration:

We are going to use the snmpwalk utility to verify that the server is working as wanted.

Here we want snmp to reply only to localhost for the community mycommunity.

From localhost

snmpwalk -Os -c mycommunity -v 1 localhost system

Should return a lot of output and:

snmpwalk -Os -c public -v 1 localhost system
Timeout: No Response from localhost

If the second command returns result, it might be because you did not comment the line starting with com2sec.

Now let go ahead and install cacti.