SNMP collection setup


#1

I am new to ELK, but trying to set up SNMP monitoring using ELK. Is there any doc or procedure on how to set this up?
I can see many pointers suggesting to use the snmp plugin.

Any suggestion will be appreciated.


(Robert Cowart) #2

If you are referring to receiving SNMP traps, then you can use the snmptrap Logstash input.

If you need to poll for SNMP metrics you will need some additional software. Options include...

  1. Use collectd for polling and send it to Logstash's udp input leveraging the collectd codec.

  2. Use InfluxData's Telegraf for polling. You will need to use AMQP/RabbitMQ, Kafka, or one of the other outputs that has a corresponding Logstash input, to get the data from Telegraf to Logstash. There is an Elasticsearch output for Telegraf on GitHub, which you could also try to build and use if you can't wait for it to be released.

I probably prefer Telegraf to collectd, but I don't think either is great, as neither does the things necessary for truly efficient SNMP collection. In my opinion, a truly scalable and consumable SNMP poller is one of the things missing in the world of open source. They are all compromised in one way or the other. This hole in open source is probably the only reason that a lot of legacy NMS vendors are still alive.
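
A Logstash pipeline sketch for two of the paths named in the reply above (trap reception with the snmptrap input, and collectd data arriving on the udp input with the collectd codec), added here as an illustration and not taken from the thread. The listen address, community string, auth file path and index name are assumptions to replace with your own values.

```logstash
input {
  # Path 1: receive SNMP traps sent by devices.
  snmptrap {
    host      => "192.0.2.10"           # assumed collector IP; bind one interface rather than 0.0.0.0
    port      => 1062                   # unprivileged port; devices must target it (or redirect 162 to it)
    community => ["example-community"]  # constructed value; do not keep the default "public"
    type      => "snmptrap"
  }

  # Path 2: collectd polls the devices with its snmp plugin and forwards
  # the values through its network plugin to this UDP listener.
  udp {
    host        => "192.0.2.10"         # assumed collector IP
    port        => 25826                # default port of the collectd network plugin
    buffer_size => 1452
    type        => "collectd"
    codec => collectd {
      security_level => "Sign"          # only accept packets signed by a known collectd sender
      authfile       => "/etc/logstash/collectd.auth"  # assumed path, same format as collectd's AuthFile
    }
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]         # assumed local Elasticsearch node
    index => "snmp-%{+YYYY.MM.dd}"      # assumed index name
  }
}
```

Both listeners are plain UDP, so restrict the source addresses with a host firewall rule as well, since the community string in SNMP v1/v2c traps travels in clear text.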


#3

Thanks for the reply, Robert. Will try it.

