Saturday, February 22, 2020

How to configure SNMPv2 on Cisco IOS Router

Besides syslog there is another method to store logging information to an external server. SNMP (Simple Network Management Protocol) can be used to collect statistics from network devices including Cisco routers and switches.
SNMP consists of 2 items:
  • NMS (Network Management System)
  • SNMP Agents
The NMS is the external server where you want to store logging information. The SNMP agents run on the network devices that we want to monitor. The NMS can query an SNMP agent to collect information from the network device. SNMP has multiple versions, the most popular ones being:
SNMP version 3 offers security through authentication and encryption, which SNMP version 2c does not. SNMP version 2c, however, is still pretty common. Let me show you a simple example for SNMP version 2c:
Router(config)#snmp-server community TSHOOT ro
First we’ll have to configure a community string. Think of this as a password that the SNMP agent and NMS have to agree upon. I called mine “TSHOOT”. The ro stands for read-only. SNMP isn’t just for retrieving information; we can also use it to configure our network devices. Let’s continue…
Router(config)#snmp-server location Amsterdam
Router(config)#snmp-server contact info@networklessons.com
These two steps are not required but it’s useful to specify a location and contact. This way you’ll at least know where the device is located whenever you receive information through SNMP. The messages that the SNMP agent sends to the NMS are called SNMP traps. Of course we want to send these to an external server so I’ll configure the IP address of the SNMP server:
Router(config)#snmp-server host 192.168.12.2 version 2c TSHOOT
I also have to specify the SNMP version and the community string. Last but not least, let’s activate the traps:
Router(config)#snmp-server enable traps
If I use the snmp-server enable traps command it will enable all SNMP traps:
Router#show run | include traps
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps ds1
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps casa
snmp-server enable traps xgcp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
This is only a portion of everything that you’ll see in the running-configuration. This is a great way to test SNMP, but on a production network it’s better to take a look at the different traps and only enable the ones you feel are necessary. One of the SNMP traps in the example above is related to EIGRP. If anything happens with the EIGRP routing protocol, an SNMP trap will be sent to the SNMP server.
hostname Router
!
snmp-server community TSHOOT ro
snmp-server location Amsterdam
snmp-server contact info@networklessons.com
snmp-server host 192.168.12.2 version 2c TSHOOT
snmp-server enable traps
!
end
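
The following Python check is an added example, not part of the original post. It scans an IOS configuration for the points raised above: a community string that travels without authentication or encryption, write access (the rw keyword), trap hosts that are not on version 3, and a bare snmp-server enable traps. The function name, the rule names and the treatment of a host line without a version keyword are assumptions of this example.

```python
# Constructed sample: the running-config shown at the end of this page.
PAGE_CONFIG = """\
hostname Router
!
snmp-server community TSHOOT ro
snmp-server location Amsterdam
snmp-server contact info@networklessons.com
snmp-server host 192.168.12.2 version 2c TSHOOT
snmp-server enable traps
!
end
"""


def audit_snmp(config):
    """Return (line_number, rule, detail) findings; community strings are never echoed."""
    findings = []
    for number, raw in enumerate(config.splitlines(), start=1):
        tokens = raw.split()
        if tokens[:1] != ["snmp-server"] or len(tokens) < 3:
            continue
        keyword, args = tokens[1], tokens[2:]
        if keyword == "community":
            # ro/rw follows the string itself, so skip args[0] when looking for it.
            mode = "rw" if "rw" in args[1:] else "ro"
            findings.append((number, "community-string",
                             f"{mode} community: no authentication or encryption"))
            if mode == "rw":
                findings.append((number, "rw-community",
                                 "community can be used to change configuration"))
        elif keyword == "host":
            # Assumption of this example: no "version" keyword is treated as version 1.
            version = args[args.index("version") + 1] if "version" in args[:-1] else "1"
            if version != "3":
                findings.append((number, "cleartext-traps",
                                 f"traps to {args[0]} use version {version}"))
        elif tokens[1:] == ["enable", "traps"]:
            findings.append((number, "all-traps",
                             "bare 'enable traps' turns on every trap type"))
    return findings


if __name__ == "__main__":
    for number, rule, detail in audit_snmp(PAGE_CONFIG):
        print(f"line {number}: {rule}: {detail}")
```

Run against the configuration from this page, it reports lines 3, 6 and 7. A line such as snmp-server enable traps eigrp, which names a single trap type, is not flagged.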

If you want to test this with an SNMP server, then I can highly recommend taking a look at Observium. They offer a free “community” edition of their network monitoring software that supports many network devices out of the box (Cisco included).
