Besides syslog there is another method to store logging information to an external server. SNMP (Simple Network Management Protocol) can be used to collect statistics from network devices including Cisco routers and switches.
SNMP consists of 2 items:
- NMS (Network Management System)
- SNMP Agents
The NMS is the external server where you want to store logging information. The SNMP agents run on the network devices that we want to monitor. The NMS can query a SNMP agent to collect information from the network device. SNMP has multiple versions, the most popular ones being:
- SNMP version 2c
- SNMP version 3
SNMP version 3 offers security through authentication and encryption which SNMP version 2c does not. SNMP version 2c however is still pretty common. Let me show you a simple example for SNMP version 2c:
Router(config)#snmp-server community TSHOOT ro
First we’ll have to configure a community string. Think of this as a password that the SNMP agent and NMS have to agree upon. I called mine “TSHOOT”. The ro stands for read-only. SNMP isn’t just for retrieving information; we can also use it to configure our network devices. Let’s continue…
Router(config)#snmp-server location Amsterdam
Router(config)#snmp-server contact info@networklessons.com
These two steps are not required but it’s useful to specify a location and contact. This way you’ll at least know where the device is located whenever you receive information through SNMP. The messages that the SNMP agent sends to the NMS are called SNMP traps. Of course we want to send these to an external server so I’ll configure the IP address of the SNMP server:
Hi Abdi,
That’s all you need to get it going yes. If you want to test this, I can highly recommend to try LibreNMS:
https://www.librenms.org/
Rene
Hello Aniket
SNMP is a protocol that not only monitors network devices, but can also change their configurations. SNMP uses seven PDU types. Only one of those, SetRequest, is used to modify something in the config of the device. Specifically it is a request from an SNMP manager to an agent to change the value of a variable or list of variables. This is the PDU that requires the RW community string.
The RW community string is not involved in config backups, but in actual changes to the config itself.
I hope this has been helpful!
Laz
There’s a lab in GNS3VAULT that states the following:
Configure router Agent so it doesn’t send any traps or informs when something happens with the loopback0 interface.
How do you accomplish this?
Hello Mike
You can disable SNMP traps on an interface by issuing the following command in the interface mode:
Router(config-if)# snmp trap if-monitor
This will disable all SNMP monitoring (traps and informs) on that particular interface.
I hope this has been helpful!
Laz
Hi Lazaros,
Yes it has been helpful, thanks very much (again).
Sam