Configuring SNMP for vCenter Appliance
search cancel

Configuring SNMP for vCenter Appliance

book

Article ID: 325026

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

The vCenter Server Appliance includes an SNMP agent that can send trap notifications and receive GET, GETBULK, and GETNEXT requests.

Environment

vCenter Server Appliance

Cause

SNMP configuration for vCenter Server Appliance

Resolution

1. Log in to the appliance shell, with root password: Toggling the vCenter Server Appliance default shell

2. Run the command below, it should look like the example image below (if the configuration is new)

snmp.get

Output:

Command> snmp.get
Config:
   Authentication: none
   Communities: ''
   Enable: False
   Processlist: False
   Engineid: ''
   Loglevel: warning
   Notraps: ''
   Port: 161
   Privacy: none
   Syscontact: ''
   Syslocation: ''
   Targets:
   Users:
   Remoteusers:
   V3targets:
   Pid: n/a

3. The next step is to set the community, which for SNMP V1 or V2, is “public”

snmp.set --communities public

4. Configure SNMP targets.

For example:

snmp.set --targets <trap_server_ip>@162/public

Or you can add more than 1 target:

snmp.set --targets <server_ip_1>@162/public,<server_ip_2>@162/public

>>(162 is the default)

5. Choose among the 4 logging levels available:

The 4 logging levels are as follows:

  • debug,
  • info,
  • warning, and
  • error.

Note: "Debug" has the highest verbosity level and "error" has the lowest.

snmp.set --loglevel debug

6. Enable SNMP with the command below:

snmp.enable

7. Test the SNMP configuration with the command below:

snmp.test

The test should work successfully.

8. Run the command snmp.get again, you will get the information, including "EngineID"
>>(If you only need the EnigneID, you can just type command: snmp.enable then snmp.get, without the steps above)

9. Then, if you need SNMP V3, a username and password should be set.

10-Create the authorization and privacy with a protocol other than “none” for the next step to work.
Run the commands below:

snmp.set --authentication SHA1
snmp.set --privacy AES128

11. Open a duplicate session from the SSH, log in with root, and enter the BASH shell.

12. Create two text files, with two passwords of more than 8 characters, note down the paths of those files and then run the command below:

snmp.hash --auth_hash /directory/nameoffile1.txt --priv_hash /directory/nameoffile2.txt

>> You can specify the flag "--raw_secret" and set the boolean parameter to "true".

For example:

Command> snmp.hash -- auth_hash /root/testi.txt -- priv_hash /root/test2.txt -- raw_secret true
Hash:
	Auth_key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
	Priv key: YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

13. Set the user:

snmp.set --user userid/authhash/privhash/security

Both hash keys must be written.

The parameters in the command are as follows.

Parameter Description
userid Replace with the user name, which should not be more than 32 characters.
authhash Replace with the authentication hash value.
privhash Replace with the privacy hash value.
security Replace with the level of security enabled for that user, which can be auth, for authentication only, priv, for authentication and privacy, or none, for no authentication or privacy.


15-You can configure the SNMP v3 targets

Configure SNMP v3 Targets

16-snmp.set --port 161 (which is the default port for polling)

Configure the SNMP Agent for Polling

>>For further information, refer to this KB article on monitoring through SNMP: Monitoring VCSA using SNMP

>>Note that if you wish to reset all configurations, run the command below

snmp.reset



Powered by Wolken Software