Configuration of the vSphere SNMP Agent
SNMP v1 and v2c authentication is provided using community strings. The vSphere SNMP Agent can be configured either using ESXCLI commands or using vCLI commands.
You may run the ESXCLI commands in the local vSphere DCUI shell to configure vSphere SNMP Agent, or run the vCLI commands to access remote vSphere systems from a system where the vCLI package is installed.
Configuring the vSphere SNMP Agent using esxcli commands in the local DCUI shell
1. Setting Agent to factory defaults
esxcli system snmp set –r
# -r option will set agent configuration to factory defaults
2. Enable the service
esxcli system snmp set -e 1
# -e 1/yes/true option will enable SNMP service.
# –e 0/no/false option will disable SNMP Service
3. Setting the community
esxcli system snmp set -c private
# will set community
4. Setting the log level
esxcli system snmp set –l debug
# will set syslog log level to the highest
5. Setting the trap target
esxcli system snmp set -t [192.168.0.200@1111/public | mailto:192.168.0.200@1111/public]
# will set the v1/v2c trap targets
Configuration using vCLI
1. vicfg-snmp --server <server ip> --username <server usrname> --password <server password> –s
# Will display the SNMP Agent configuration
2. Set the SNMP Agent to the factory defaults
vicfg-snmp --server <server ip> --username <server usrname> --password <server password> –r
# -r option will set agent configuration to factory defaults
3. Enable the SNMP Agent
vicfg-snmp --server <server ip> --username <server usrname> --password <server password> –E
# Used to Enable SNMP Agent
4. Set the Community
vicfg-snmp --server <server ip> --username <server usrname> --password <server password> –c private
# Used to set community
5. Set the trap targets
vicfg-snmp --server <server ip> --username <server usrname> --password <server password> -t 192.168.0.200@1111/public
# used to set v1/v2c trap targets
Configuration of net-snmp in a LinuxServer as SNMP Client
When using net-snmp 5.7, the snmptrapd program, first disable the authorization in /var/net-snmp/snmptrapd.conf file:
disableAuthorization yes
This option will disable the access control checks, and will accept all incoming notifications. Then start snmptrapd as follows with the defined
configuration file. It runs in the foreground, uses only that config file and logs to stderr:
snmptrapd -f -Le -C -c /var/net-snmp/snmptrapd.conf udp:1111
# 1111 is the port you are listening on
Debugging Information
Syslog Information
Syslog information can be collected from the /var/log/syslog.log file.
Tcpdump Information
Tcpdump information can be collected from a vSphere host from the DCUI shell using the following command:
tcpdump-uw -v -i vmk0 -n -T snmp udp and port 1111
#1111 is the port on which client is listening
WireShark Configuration
The wireshark user guide can be found at http://www.wireshark.org/docs/wsug_html_chunked/