Hi Dave,
Regarding the log options in /etc/default/snmp, I wanted to get some clear,
neat and separate log, so as not to get (overwhelmed by) irrelevant information.
The TCS-MIB as you'd expect from below in my mail in the said private MIB.
My intention was to have a perl sub-agent. The pass version was added just in
case it would work by chance (the kind of things that rarely happen, but for
which I get blamed if I don't try).
The access control settings are
% ls -l .snmp/mibs/tcs-agent-module.pl ~
-rw-rw-r-- 1 daniel daniel 3134 5 juin 14:51 .snmp/mibs/tcs-agent-module.pl
% ls -l /etc/snmp/snmpd.conf ~
-rw------- 1 root root 7362 6 juin 10:05 /etc/snmp/snmpd.conf
Here is an extract from the ~/.snmp/mibs/TCS-MIB.mib file
TCS-MIB DEFINITIONS ::= BEGIN
IMPORTS
OBJECT-TYPE, MODULE-IDENTITY, enterprises, Integer32,
Counter32, Gauge32, TimeTicks
FROM SNMPv2-SMI
TruthValue, TimeStamp FROM SNMPv2-TC
MODULE-COMPLIANCE,OBJECT-GROUP FROM SNMPv2-CONF
;
-- Gauge32 est un alias de Gauge
-- EnumVal defini comme un alias de INTEGER
EnumVal ::= INTEGER (0..4294967295)
tcs MODULE-IDENTITY
LAST-UPDATED "201205230000Z"
DESCRIPTION
"Example MIB objects for agent module example implementations"
REVISION "201205230000Z"
DESCRIPTION
"First draft"
::= { eads 3665 }
-- IANA assigned OID 16304 to EADS, but I can't find this in Cafuro, so it's
stated here
eads OBJECT IDENTIFIER ::= { enterprises 16304 }
--
-- test string
--
tcsTestString OBJECT-TYPE
SYNTAX OctetString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is a test string."
DEFVAL { "et comme ca ca marche?" }
::= { tcs 0 }
--
-- definitien de la conformite
-- TODO: a mettre au propre lorsque j'aurai trouve les explications
--
tcsMIBConformance OBJECT IDENTIFIER ::= { tcs 3 }
tcsMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION "La declaration de conformite pour le site Tutoriel en Folie."
MODULE
GROUP tcsMIBGroup
DESCRIPTION "Le tcsGroup contient tous les objets."
::={ tcsMIBConformance 1}
tcsMIBGroup OBJECT-GROUP
OBJECTS {tcsPort1, tcsPort2}
STATUS current
DESCRIPTION "Une collection de tous les objets de la mib."
::= { tcsMIBConformance 2}
--
-- FIN
--
END
After applying what you adviced to the conf files, I still get
% snmpget -v1 -c public localhost sysDescr.0 sysUpTime.0; snmpget -v1 -c public
localhost tcsTestString.0
SNMPv2-MIB::sysDescr.0 = STRING: Linux debian 2.6.32-5-686 #1 SMP Mon Mar 26
05:20:33 UTC 2012 i686
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (5758) 0:00:57.58
tcsTestString.0: Unknown Object Identifier (Sub-id not found: (top) ->
tcsTestString)
I recompiled sources just to be able to make sure there had not been any
trouble in the standard debian package (it says v5.4.3) I use for snmp.
Regards,
Daniel
-----Message d'origine-----
De : dave.shi...@gmail.com [mailto:dave.shi...@gmail.com] De la part de Dave
Shield
Envoyé : mercredi 6 juin 2012 11:48
À : Chayvialle, Daniel (External)
Cc : net-snmp-users@lists.sourceforge.net
Objet : Re: Stuck in the way of quering a private MIB (extension using perl)
On 6 June 2012 10:16, Chayvialle, Daniel (External)
<daniel.chayvialle.exter...@cassidian.com> wrote:
> Here is what I modified in /etc/default/snmp:
>
> %diff /etc/default/snmpd /etc/default/snmpd.org ~
> 11,14c11
> < SNMPDOPTS='-M /var/lib/mibs/ietf:/home/daniel/.snmp/mibs -m
> SNMPv2-SMI:TCS-MIB -LS7d
> -Dagent_handler,disman:event::mib,disman:expr::mib,disman:expr::val,expScalars,fixup_mib_directory,get_mib_directory,perl,snmp_agent,snmpd,snmpv3
> -Lf /var/log/snmpd -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
> ---
>> SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
>
> This merely was an attempt to get any useful log, which did not succeed, at
> least to my understanding
OK - so (ignoring the commented out entries):
- you've switched from logging via syslog, to log directly to a
file. (-Lsd vs -Lf)
- you've explicitly set the MIB directories to search (-M)
- you've explicitly set the only MIB files to load (-m)
- you're setting a whole list of debug tokens to log
If this isn't getting you anything useful, I would suggest that you
revert to the
original invocation.
> Here is my /etc/snmp/snmp.conf
>
> #mibs :
> mibs +SNMPv2-SMI:TCS-MIB
Well, the SNMPv2-SMI is unnecessary, since this is loaded (or at least
handled) by default. Stick with the simple
mibs +TCS-MIB
Where does this MIB come from?
> Here are the changes I made to /etc/snmp/snmpd.conf
>
> % sudo diff /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org ~
> 186,195d185
> < #DC/20120525: ajout d'un agent TCS-MIB
> < doDebugging 1
> < disablePerl false
> < pass 1.3.6.1.4.1.16304.3665 /usr/bin/perl
> /home/daniel/.snmp/mibs/tcs-agent-module.pl
> < perl 'do /home/daniel/.snmp/mibs/tcs-agent-module.pl';
Hmm.... there seems to be some confusion here.
Is this script a "pass" script, or a sub-agent-style script?
I'd expect to see one or the other of these two lines - but not both.
> < #DC/20120525: fin ajout
What are the access control settings in this file?
>
> These are various attempts to get the agent
>
> Here is the output when I walk iso
>
> % snmpwalk -v1 -c public localhost iso ~
> SNMPv2-MIB::sysDescr.0 = STRING: Linux debian 2.6.32-5-686 #1 SMP Mon Mar 26
> 05:20:33 UTC 2012 i686
> SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
> DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (5429948) 15:04:59.48
:
> SNMPv2-MIB::sysORUpTime.8 = Timeticks: (10) 0:00:00.10
> HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (287043) 0:47:50.43
:
> HOST-RESOURCES-MIB::hrSystemMaxProcesses.0 = INTEGER: 0
> End of MIB
In other words, you can *only* see the system group.
What are the access control settings in your snmpd.conf file?
Have a look at the FAQ entry
"I can see the system group, but nothing else. Why?"
> % snmpget -v1 -c public localhost 1.3.6.1.4.1.8072 ~
> Error in packet
> Reason: (noSuchName) There is no such variable name in this MIB.
> Failed object: NET-SNMP-MIB::netSnmp
That will always fail.
You can only use "snmpget" on individual instances - i.e. the exact
variable names listed by "snmpwalk" or similar.
> ...even though it appears when I translate the whole tree
>
> % snmptranslate -Tt | grep netSnmp ~
> netSnmp(8072) type=24
> netSnmpObjects(1) type=0
> netSnmpExtendMIB(1) type=24
> netSnmpVacmMIB(9) type=24
> netSnmpExamples(2) type=24
> netSnmpExampleScalars(1) type=0
> netSnmpExampleInteger(1) type=16
> netSnmpExampleSleeper(2) type=16
> netSnmpExampleString(3) type=2 tc=49 hint=255t
> netSnmpExampleTables(2) type=0
> <and about 30 more lines>
The netSnmp object is a perfectly valid object. But it's an internal
structural object - acting as the root of a tree. It doesn't have a value
directly associated with it.
> But the following does not work:
>
> % snmptranslate -Tl netSnmp ~
> netSnmp: Unknown Object Identifier (Sub-id not found: (top) -> netSnmp)
snmptranslate is a relatively unusual command, in that by default it requires
an absolute object name - either a full path
(.iso.org.dod.internet.private.enterprises.netSnmp)
or qualified by the name of the MIB (NET-SNMP-MIB::netSnmp)
Try adding the option '-IR' to enable "random lookup"
snmptranslate -Tl -IR netSnmp
should work OK.
> Here is what I currently get for snmpget
>
> % snmpget -v1 -c public localhost sysDescr.0 ~
> SNMPv2-MIB::sysDescr.0 = STRING: Linux debian 2.6.32-5-686 #1 SMP Mon Mar 26
> 05:20:33 UTC 2012 i686
> % snmpget -v1 -c public localhost netSnmp ~
> Error in packet
> Reason: (noSuchName) There is no such variable name in this MIB.
> Failed object: NET-SNMP-MIB::netSnmp
Yes - that's correct.
> % snmpget -v1 -c public localhost tcs.0 ~
> tcs.0: Unknown Object Identifier (Sub-id not found: (top) -> tcs)
> % snmpget -v1 -c public localhost tcsTestString.0 ~
> tcsTestString.0: Unknown Object Identifier (Sub-id not found: (top) ->
> tcsTestString)
What does the TCS-MIB look like?
Where have you installed it?
> Here is what I currently get for snmpgetnext and snmpwalk:
>
> % snmpgetnext -v1 -c public localhost tcs ~
> tcs: Unknown Object Identifier (Sub-id not found: (top) -> tcs)
> % snmpwalk -v1 -c public localhost tcs ~
> tcs: Unknown Object Identifier (Sub-id not found: (top) -> tcs)
If snmpget does not understand the MIB object name, then the
other commands won't either.
> Here is what I currently get for snmptranslate:
>
> % snmptranslate -Td tcs ~
> tcs: Unknown Object Identifier (Sub-id not found: (top) -> tcs)
> % snmptranslate -Td netSnmp ~
> netSnmp: Unknown Object Identifier (Sub-id not found: (top) -> netSnmp)
> % snmptranslate -Td sysDescr ~
> sysDescr: Unknown Object Identifier (Sub-id not found: (top) -> sysDescr)
Don't worry about snmptranslate. It's much fussier than the other tools.
(See above)
> I also tried recompiling the last sources (5.7.1) yesterday evening,
I wouldn't worry about recompiling sources.
Given that you're extending the agent using perl scripts, this
shouldn't be necessary.
Concentrate on:
- first getting the access control sorted, so that you can query
the full agent
(not just the system group)
- getting the TCS-MIB loading properly, so that you can refer to
'tcs' successfully
- sorting out the perl extension - decide which approach you want to use,
and stick to that (rather than mixing the two).
Then - and only then - is it worth worrying about whether your
extension works or not.
Dave
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
