Monday, October 31, 2011

SNMP Monitoring

Recently, I've been working on a project which involves remote monitoring and configuration of server and network devices. Obviously, my research has led me to further discover the intricacies of the SNMP protocol and agents which can often provide extensive monitoring and configuration capabilities.

I've obviously been looking at native and third-party, proprietary and open source, SNMP agents for Windows and Linux. No doubt, configuration parameters can vary drastically depending on the information and level of configurability that you desire but they all rely on similar concepts and use similar vocabulary. These concepts are best outlined in the following locations.

The best example of its structure is probably represented by the following picture.

It will most likely remind you of postal addressing systems, directory service hierarchies and other hierarchical structures such as those used by the Domain Name System (DNS), with each level being represented by numbers and/or shorthand strings. At the end of the hierarchy is a string/counter/number which represents the value of the concerned attribute of the piece of hardware and/or software in question at any point in time. These attributes can range from the name of the installed Operating System to the total number of bytes sent on a particular Network Interface Card (NIC).
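The addressing scheme described above, as an added example that is not part of the original post: it resolves an OID between its numeric and shorthand forms and lists the values under a subtree in OID order. The arc numbers and names are the standard MIB-II assignments; the function names and the agent values (host description, interface counters) are constructed for illustration.

```python
# Fragment of the standard MIB-II OID tree: numeric path -> shorthand name.
_RAW = {
    "1": "iso", "1.3": "org", "1.3.6": "dod", "1.3.6.1": "internet",
    "1.3.6.1.2": "mgmt", "1.3.6.1.2.1": "mib-2",
    "1.3.6.1.2.1.1": "system", "1.3.6.1.2.1.1.1": "sysDescr",
    "1.3.6.1.2.1.2": "interfaces", "1.3.6.1.2.1.2.2": "ifTable",
    "1.3.6.1.2.1.2.2.1": "ifEntry", "1.3.6.1.2.1.2.2.1.16": "ifOutOctets",
}
NAMES = {tuple(int(a) for a in k.split(".")): v for k, v in _RAW.items()}

def parse(oid):
    """'.1.3.6.1' or '1.3.6.1' -> (1, 3, 6, 1)."""
    return tuple(int(arc) for arc in oid.strip(".").split("."))

def to_symbolic(oid):
    """Name every level that has a name; trailing instance arcs stay numeric."""
    arcs = parse(oid)
    return ".".join(NAMES.get(arcs[:d], str(arcs[d - 1]))
                    for d in range(1, len(arcs) + 1))

def to_numeric(path):
    """Accept a name or a number at each level, e.g. 'iso.3.6.1.2.mib-2.system'."""
    arcs = ()
    for label in path.strip(".").split("."):
        if label.isdigit():
            arcs += (int(label),)
            continue
        child = [k for k, v in NAMES.items() if k[:-1] == arcs and v == label]
        if not child:
            raise KeyError(f"no child named {label!r} under {arcs}")
        arcs = child[0]
    return ".".join(map(str, arcs))

# Constructed snapshot of an agent's data: OID (object + instance) -> value.
AGENT = {
    "1.3.6.1.2.1.1.1.0": "Linux host01 2.6.32 x86_64",  # system description
    "1.3.6.1.2.1.2.2.1.16.10": 7340,                    # bytes sent, interface 10
    "1.3.6.1.2.1.2.2.1.16.2": 918273,                   # bytes sent, interface 2
    "1.3.6.1.2.1.2.2.1.16.1": 4096,                     # bytes sent, interface 1
}

def walk(subtree):
    """Values under a subtree, ordered numerically per level (not as strings)."""
    root = parse(to_numeric(subtree))
    hits = [(parse(o), v) for o, v in AGENT.items() if parse(o)[:len(root)] == root]
    return [(to_symbolic(".".join(map(str, o))), v) for o, v in sorted(hits)]
```

Comparing OIDs as integer tuples matters: a plain string sort would place interface 10 before interface 2.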

Based on the intent of my project, it seems clearer that using SNMP as a basis for monitoring may be overkill (though I'll add some SNMP functionality). While it allows for a finer-grained image of the situation, it is also clear that much of this information is redundant, especially when you are using 'generic hardware' (whether it is server and/or desktop class). As such, the reasoning behind the extensive templates that often accompany more mature monitoring systems such as Zenoss, Zabbix, and Dell OpenManage becomes more obvious.

While it is clear that SNMP is a useful and mature protocol, there have clearly been moves to modernise it (for instance, through enhanced security, accessibility, and configurability) and there are alternative technologies such as Link Layer Discovery Protocol (LLDP) and Cisco Discovery Protocol (CDP).