Tag Archive snmp

We use snmp a lot, and know it well. However, not everyone of our customers has spent years working with OIDs in ASN.1, MIBs, Access types, and so on – and nor should they. (As we like to say, “Your monitoring solution should make your life easier, not harder.”) So one question we often get is the difference between the different SNMP versions.

So here’s the quick rundown:

  • SNMP version 1: the oldest flavor.  Easy to set up – only requires a plaintext community. The biggest downsides are that it does not support 64 bit counters, only 32 bit counters, and that it has little security. A community string sent in plaintext, possibly from a restricted range of allowed IP addresses, is as good as the security gets. In other words, no security from someone with access to the network – such a person will be able to see the community string in plaintext, and spoofing a UDP packet’s source IP is trivial.  (On the other hand, if your device is set up to only allow SNMP read only access – the risk is fairly small, and confined to evil people with access to your network. If you have evil people with this access, SNMP is probably not what you need to be worrying about.)
  • SNMP version 2c: in practical terms, v2c is identical to version 1, except it adds support for 64 bit counters.  This matters, especially for interfaces. Even a 1Gbps interface can wrap a 32 bit counter in 34 seconds. Which means that a 32 bit counter being polled at one minute intervals is useless, as it cannot tell the difference between successive values of 30, 40 due to the fact that only 10 octets were sent in that minute, or 30, 40 due to the fact that 4294967306 (2^32 +10) octets were sent in that minute.  Most devices support snmp V2c nowadays, and generally do so automatically. There are some devices that require you to explicitly enable v2c – in which case, you should always do so. There is no downside.
  • SNMP version 3: adds security to the 64 bit counters. SNMP version 3 adds both encryption and authentication, which can be used together or separately.  Setup is more complex than just defining a community string – but then, what security is not?  But if you require security, this is the way to do it.

Note that while you may have to configure the snmp version on your devices that are being monitored, you do not have to configure the version to be used in LogicMonitor. LogicMonitor will automatically try version 3; if that does not succeed, it tries version 2, and only if that does not respond will it use version 1. We try to keep the work away from you when we can.


Agile Monitoring Support

Posted by & filed under SysAdmins, Tips & Troubleshooting .

We recently had a customer come into trial looking around for a new monitoring solution.  This is always good for us.  We love the takeaway.  (Customers defecting from other monitoring systems to us.) As in most takeaway situations this customer had specific needs.  Now there are the obvious ones in which LogicMonitor easily fits the bill such as alerting, dashboards, performance monitoring, etc (and if you fall into that VMWare, Cisco, NetApp sweet spot, game over!).  This guy however, had a very specific need we didn’t fulfill directly out of the gates.  I think anyone who has ever worked with a monitoring solution knows that it’s hard to find one that does everything.  Well in the case of LogicMonitor this is no different.  We don’t do EVERYTHING.  I know, you thought I was going to get all high and mighty and talk about how LogicMonitor is the one monitoring tool that CAN do everything.  Well Read more »


When an OID is not an OID

Posted by & filed under Uncategorized .

It’s still surprising to me that hardware and software manufacturers do not seem to value any kind of consistency in their management interfaces.  Or maybe it’s intentional, to complicate monitoring and management of their systems to encourage the purchase of the vendors own monitoring systems.

In any event, it makes the case for a monitoring service such as LogicMonitor, where we actually provide the templates of what you should be monitoring for a specific kind of device, all the more compelling.

A few examples of what I mean:

  • NetApp decided to change the OIDs used for reporting fan and electronics failures from one minor release to the next.
  • Similarly, NetApp changed the units that volume latency is reported in for releases after version 7.3 from millseconds to microsecond.
  • Cisco changed the way it responds to queries for the interface queue length of vlan intefaces between minor releases of the 12.2 code.
  • Microsoft changes all sorts of counters in all sorts of releases, and even adopts entirely different monitoring interfaces from one release of a product to the next, encouraging the use of WMI in one release of a product, then dropping support of it in the next.

If your monitoring system cannot automatically apply different monitoring templates based on the version of software being run on devices, then if you run more then one of a device, and don’t upgrade all of them at the same moment, you will be left with a tedious job of associating the correct datasource templates to each device as you update it’s software.  And that’s of course assuming that you know in advance what changes to apply to each upgrade of IOS, or OnTap, or MySQL, or Windows, or …..

It’s this kind of bundled knowledge and automation that helps LogicMonitor save our customers hours of time.  Of course, in this case, they wouldn’t even be aware of it- it’s just a series of false alerts that they do not receive, as a result of the monitoring automatically adjusting to changes in their systems.

I really am proud of our product.


Popular Posts
Subscribe to our blog.