Snmp input plugin doesn't show any activity when configuring snmpv3

olivier974 · November 30, 2018, 10:28am

Hi all,

I'm trying to get the snmp input plugin work using SNMPv3 and, if the plugin doesn't show any error on start up, It doesn't retreive any information either.

I'm using logstash 6.5 with the following configuration:

snmp {
walk => ["1.3.6.1.4.1.2021.9.1"]
auth_pass => "the_good_pass"
auth_protocol => "sha"
priv_pass => "the_good_passwd"
priv_protocol => "aes"
security_name => "the_good_sec_name"
security_level => "authPriv"
hosts => [{host => "udp:my_ip_address/161" community => "my_community" version => "3"}]
type => "snmp"
id => "snmp"
}

tried to put logstash on debug in order to see what's going on but the only information regarding this plugin is :

[2018-11-30T12:16:19,409][INFO ][logstash.inputs.snmp ] using plugin provided MIB path /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-input-snmp-1.0.0/lib/mibs/logstash
Nov 30 12:16:19 OPCOLLOG40 logstash: [2018-11-30T12:16:19,508][INFO ][logstash.inputs.snmp ] using plugin provided MIB path /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-input-snmp-1.0.0/lib/mibs/ietf

when using snmpwalk :
[AAA@YYY conf.d]# snmpwalk -v3 -c my_community -l authPriv -u the_good_name -a sha -A "the_good_pass" -x aes -X "pass" my_server:161 1.3.6.1.4.1.2021.9.1
UCD-SNMP-MIB::dskIndex.1 = INTEGER: 1
UCD-SNMP-MIB::dskIndex.2 = INTEGER: 2
UCD-SNMP-MIB::dskIndex.3 = INTEGER: 3
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 4
UCD-SNMP-MIB::dskIndex.5 = INTEGER: 5
UCD-SNMP-MIB::dskIndex.6 = INTEGER: 6
UCD-SNMP-MIB::dskIndex.8 = INTEGER: 8
UCD-SNMP-MIB::dskPath.1 = STRING: /
UCD-SNMP-MIB::dskPath.2 = STRING: /usr
UCD-SNMP-MIB::dskPath.3 = STRING: /var
UCD-SNMP-MIB::dskPath.4 = STRING: /home
UCD-SNMP-MIB::dskPath.5 = STRING: /mysql
UCD-SNMP-MIB::dskPath.6 = STRING: /storage
UCD-SNMP-MIB::dskPath.8 = STRING: /backup
UCD-SNMP-MIB::dskDevice.1 = STRING: /dev/mapper/rootvg-root_lv
UCD-SNMP-MIB::dskDevice.2 = STRING: /dev/mapper/rootvg-usr_lv
UCD-SNMP-MIB::dskDevice.3 = STRING: /dev/mapper/rootvg-var_lv
UCD-SNMP-MIB::dskDevice.4 = STRING: /dev/mapper/rootvg-home_lv
UCD-SNMP-MIB::dskDevice.5 = STRING: /dev/mapper/datavg-mysql_lv
UCD-SNMP-MIB::dskDevice.6 = STRING: /dev/mapper/datavg-storage_lv
UCD-SNMP-MIB::dskDevice.8 = STRING: /dev/mapper/datavg-backup_lv
UCD-SNMP-MIB::dskMinimum.1 = INTEGER: -1
UCD-SNMP-MIB::dskMinimum.2 = INTEGER: -1
UCD-SNMP-MIB::dskMinimum.3 = INTEGER: -1
UCD-SNMP-MIB::dskMinimum.4 = INTEGER: -1
UCD-SNMP-MIB::dskMinimum.5 = INTEGER: -1
UCD-SNMP-MIB::dskMinimum.6 = INTEGER: -1

Could you help me debug my configuration ?

Br,

Eniqmatic · November 30, 2018, 10:42am

What does your output look like?

Eniqmatic · November 30, 2018, 10:46am

Also I notice in the input your specifying a security_name parameter, but in your snmpwalk command it has a different value?

olivier974 · November 30, 2018, 10:54am

Nothing : no errors, no logs, no data.

When looking at the pipeline statistics, I can see that there is no data in.

So for me, it just don’t start correctly.

I’m on RHEL7.1 using oracle java 1.8.

Eniqmatic · November 30, 2018, 10:57am

Your output config I meant

olivier974 · November 30, 2018, 11:15am

No, I’ved double check all the parameters.

There are ok.

olivier974 · November 30, 2018, 11:15am

I have set the output to stdout { codec => rubydebug }

Eniqmatic · November 30, 2018, 1:34pm

Are you running logstash as a service?

olivier974 · November 30, 2018, 1:53pm

Yes I am.

Eniqmatic · November 30, 2018, 3:25pm

If you do "journalctl --unit=logstash -f" do you see anything being output to stdout?

system · December 28, 2018, 3:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.