Besides syslog there is another method to store logging information to an external server. SNMP (Simple Network Management Protocol) can be used to collect statistics from network devices including Cisco routers and switches.
SNMP consists of 2 items:
- NMS (Network Management System)
- SNMP Agents
The NMS is the external server where you want to store logging information. The SNMP agents run on the network devices that we want to monitor. The NMS can query a SNMP agent to collect information from the network device. SNMP has multiple versions, the most popular ones being:
- SNMP version 2c
- SNMP version 3
SNMP version 3 offers security through authentication and encryption which SNMP version 2c does not. SNMP version 2c however is still pretty common. Let me show you a simple example for SNMP version 2c:
Router(config)#snmp-server community TSHOOT ro
First we’ll have to configure a community string. Think of this as a password that the SNMP agent and NMS have to agree upon. I called mine “TSHOOT”. The ro stands for read-only. SNMP isn’t just for retrieving information; we can also use it to configure our network devices. Let’s continue…
Router(config)#snmp-server location Amsterdam Router(config)#snmp-server contact email@example.com
These two steps are not required but it’s useful to specify a location and contact. This way you’ll at least know where the device is located whenever you receive information through SNMP. The messages that the SNMP agent sends to the NMS are called SNMP traps. Of course we want to send these to an external server so I’ll configure the IP address of the SNMP server:
Are those the only commands to enter the router to get SNMP v2 going? How about the client side?
Thank you in advance.
That’s all you need to get it going yes. If you want to test this, I can highly recommend to try LibreNMS:
This command to specify the Cisco router as Agent and send snmp trap to the NMS server?
snmp-server host 192.168.12.2 version 2c TSHOOT
So the NMS server is 192.168.12.2 and the TSHOOT is community string of 192.168.12.2?
That’s right. Don’t forget to use the snmp-server enable traps command to specify which traps you want to send.
If you don’t want to use traps, setting the community with the snmp-server community command is all you need. You can use this if you want to read the router/switch with a NMS.