Cacti SNMP v3 How-To (0.1) ~~~~~~~~~~~~~~~~~~~~~~~~~~ Preface: ~~~~~~~~ This document is intended to describe the process required to enable encrypted snmp polling within cacti. The document was written whilst performing the installation on a Linux Fedora Core 3 server, although implemntations on Fedora Core 1 & White Box Enterprise Linux have also been sucesful. The host used to gather data from for the purpose of this document is a Nokia IPSO appliance. Limitations: ~~~~~~~~~~~~ The version of cacti used will be 0.8.6b, "TheWitness" has told me that this version has a pooler crash, but I've yet to try upgrading to 8.8.6c. System Requirements: ~~~~~~~~~~~~~~~~~~~~ Apache, php, mysql, snmp, rrd-tool, and cacti ;-) Installation: ~~~~~~~~~~~~~ I'm going to assume that you've got to the point where all of the parts needed for system requirements are working, cacti is installed, and you've just logged in after step 8 of http://www.cacti.net/downloads/docs/html/install_unix.html and was going to create a device. (1) Log out ;-) Before we can create any snmp v3, we need to enable it; to enable snmp we need to make some changes to the php files. (2) Change: ~/cacti_install_dir/lib/snmp.php.txt Line 46: Change $version = "1"; to $version = "3"; Line 65: Change $snmp_auth = "-u $username -X $password"; /* v3 - username/password */ to $snmp_auth = "-u $username -A $password"; /* v3 - username/password */ Line 119: Change $snmp_auth = "-u $username -X $password"; /* v3 - username/password */ to $snmp_auth = "-u $username -A $password"; /* v3 - username/password */ (3) Change: ~/cacti_install_dir/include/config_form.php.txt Line 655: Change "method" => "hidden" to "method" => "textbox" Line 663: Change "method" => "hidden" to "method" => "textbox" (4) Change: config_settings.php.txt Uncomment Line 186 -> 199, i.e. remove the "//" from the begining of each line. (5) Change: config_array.php.txt Line 135: Change: $snmp_versions = array(1 => "Version 1", "Version 2"); to $snmp_versions = array(1 => "Version 1", "Version 2", "Version 3"); (6) Create /etc/snmp/snmp.conf defContext "" defSecurityLevel authNoPriv (7) Create Device As documented. http://www.cacti.net/downloads/docs/html/graph_howto.html#NEW_DEVICE (For Nokia IPSO Appliences use host Templaye Generic SNMP-enabled HOST, and Associated Data Queries: SNMP - Get Processor Infomation & SNMP - Interface Statistics ) Screen Shot: http://www.linickx.com/files/pics/cacti-snmpv3-createhost.png (8) Create Graph As Documented. http://www.cacti.net/downloads/docs/html/graph_howto.html Appendix: ~~~~~~~~~ * Rpms on my FC3 Machine [nick@linickx]$ rpm -qa | grep mysql mysql-3.23.58-14 php-mysql-4.3.10-3.2 mysql-server-3.23.58-14 mysql-devel-3.23.58-14 libdbi-dbd-mysql-0.6.5-9 [nick@linickx]$ rpm -qa | grep php php-ldap-4.3.10-3.2 php-mysql-4.3.10-3.2 php-odbc-4.3.10-3.2 php-4.3.10-3.2 php-pear-4.3.10-3.2 [nick@linickx]$ rpm -qa | grep http httpd-suexec-2.0.52-3.1 system-config-httpd-1.3.1-1 httpd-2.0.52-3.1 httpd-manual-2.0.52-3.1 [nick@linickx]$ rpm -qa | grep rrd rrdtool-1.0.49-3 [nick@linickx]$ rpm -qa | grep snmp net-snmp-libs-5.1.2-11 net-snmp-5.1.2-11 net-snmp-utils-5.1.2-11 * How to setup snmp v3 on IPSO (The is a quick guide of the steps needed) (1) Log into Voyager (2) Click Config (3) Below the heading "Security and Access Configuration" Click Users (4) Add a new user (Username , uid {eg. 110}, home {eg /var/uid}), Click Apply (5) Set new users password , click apply (6) CLick Home, config, snmp (7) at the bottom of page set user to read-write to test from cacti server, try from shell, snmpwalk -u user -A password , you should get.... [nick@Fedora ~]$ snmpwalk -u user -A password default_gw SNMPv2-MIB::sysDescr.0 = STRING: IP650 rev AAA06449-411, IPSO xxx 3.7.1-BUILD004 releng 1227 11.06.2003-010000 i386 SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.94.1.21.2.1.8 SNMPv2-MIB::sysUpTime.0 = Timeticks: (382157315) 44 days, 5:32:53.15 SNMPv2-MIB::sysContact.0 = STRING: Me SNMPv2-MIB::sysName.0 = STRING: Nokia SNMPv2-MIB::sysLocation.0 = STRING: Here SNMPv2-MIB::sysServices.0 = INTEGER: 76 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (16) 0:00:00.16 SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB SNMPv2-MIB::sysORID.2 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance SNMPv2-MIB::sysORID.3 = OID: SNMP-MPD-MIB::snmpMPDCompliance SNMPv2-MIB::sysORID.4 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance ....... * ChangeLog 1. 16/3/2005 : [NICK] Doc Complete 2. 17/3/2005 : [NICK] Doc Published on http://forums.cacti.net/ * END And I think that's all folks, I hope it works for you & that you find this of some use !.