Using Foglight for SNMP to monitor devices
Installing or upgrading Foglight for SNMP
Foglight for SNMP navigation basics
Understand monitoring with both host and SNMP agents
Multiple Foglight Agent Manager instances
SNMP discovery
SNMP communities and credentials
Accessing the Manage all credentials wizard
Managing SNMP V1 or V2c community strings
Managing the SNMP V3 credentials
Changing an SNMP device credential
Managing monitor configurations
Configuring SNMP agent properties
Changing the GenericSNMPTrapAgent port
Viewing SNMP monitored hosts
Hosts monitored by both an Infrastructure and SNMP agent
Hosts monitored only by SNMP
Hosts monitored only by an Infrastructure agent
Generating reports
Foglight for SNMP reference
Multiple Foglight Agent Manager instances
Having multiple Foglight Agent Manager instances is supported for Foglight for SNMP.
SNMP discovery
Running an SNMP discovery completes the following activities:
|
• |
Creates SNMP monitoring agent instances based on the OS types of the devices selected for discovery. For example, if you choose discovered devices that have Linux® and Windows® operating systems, a GenericSNMPWindowsAgent instance and a GenericSNMPLinuxAgent instance is created in that Foglight Agent Manager to monitor those devices respectively. |
SNMP discovery on Linux requirements
|
• |
Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by the Foglight user. For detailed steps, see Using sudo to configure Secure Launcher permissions. |
Using sudo to configure Secure Launcher permissions
This section contains instructions for using sudo to give agents elevated permissions. Use one of the following two methods: the configuration interface or the fglam.config.xml file.
|
1 |
Follow the instructions in the Launching the Agent Manager Installation Interface or Configuring the Agent Manager from the Command-Line topics in the Foglight Agent Manager Guide. |
|
2 |
|
3 |
Set the path to point to the sudo executable. This executable is typically located in /usr/bin/sudo (the default path provided by the Agent Manager installer). |
|
4 |
Exit from the configuration interface as described in Launching the Agent Manager Installation Interface or Configuring the Agent Manager from the Command-Line topics in the Foglight Agent Manager Guide. |
|
5 |
Edit the sudoers file for your system to allow <fglam_home>/client/<fglam_version>/bin/fog4_launcher to be run as root by a specific user, without requiring a password, and only for the agents that require root privileges. |
For example, to allow the user foglight to run fog4_launcher for two specific agents without being prompted for a password:
|
6 |
Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by a specific user, without requiring a password. This is required for ICMP ping service. |
See the Foglight for Infrastructure User and Reference Guide for detailed examples of how to edit the sudoers file to restrict the granted permissions to a specific set of agents.
|
TIP: For sudo configuration, it is a best practice to use a wildcard for the version-specific Agent Manager and cartridge directories, as shown in the example above. Using a wildcard in a path is described in the Sudoers Manual at:
http://www.gratisoft.us/sudo/man/sudoers.html#wildcards Using a wildcard for the version-specific directories allows you to avoid updating each sudoers file that references these directories when you upgrade the Agent Manager or the agents. |
If these permissions are no longer needed, remove the lines that you added to run fog4_launcher or udp2icmp with root permissions.
|
1 |
Navigate to <fglam_home>/state/default/config. |
|
2 |
Open the fglam.config.xml file for editing. |
|
3 |
Edit the <config:path> element under <config:secure-launcher> to point to the sudo executable. This executable is typically located in /usr/bin/sudo (the default path provided by the Agent Manager installer). |
|
4 |
Edit the sudoers file for your system to allow <fglam_home>/client/<fglam_version>/bin/fog4_launcher to run as root by a specific user, without requiring a password, and only for the agents that require root privileges. |
For example, to allow the user foglight to run fog4_launcher for two specific agents without being prompted for a password:
|
5 |
Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by a specific user, without requiring a password. This is required for ICMP ping service. |
See the Foglight for Infrastructure User and Reference Guide for detailed examples of how to edit the sudoers file to restrict the granted permissions to a specific set of agents.
|
TIP: For sudo configuration, it is a best practice to use a wildcard for the version-specific Agent Manager and cartridge directories, as shown in the example above. Using a wildcard in a path is described in the Sudoers Manual at:
http://www.gratisoft.us/sudo/man/sudoers.html#wildcards Using a wildcard for the version-specific directories allows you to avoid updating each sudoers file that references these directories when you upgrade the Agent Manager or the agents. |