Ep. 3: Using SNMP to monitor network devices in Checkmk 2.0

[0:00:01] Welcome back to the Checkmk channel. In this episode, we're monitoring a switch and we'll be doing that using SNMP.
[0:00:07] Now, what is SNMP? 
[0:00:08] SNMP stands for Simple Network Monitoring Protocol. And it's used to monitor switches, routers, printers, UPS and many other devices. Its purpose is to make monitoring these devices as easy as possible. And a good thing is you don't need an agent on these devices to monitor them. You just need to enable the SNMP protocol.
[0:00:33] And everything in Checkmk is then very easy. And exactly how easy? That's what I'm going to show you now.
[0:00:58] So we want to add a switch to the monitoring. The switch is already prepared, meaning that SNMP is already enabled. So now all that's left to do is add the host. So as always we go to Setup > Hosts and then click on "Add Host". Now we give the switch a name. Let's call it Switch one and we need to enter the IP address.
[0:00:49] Now we need to say that we don't use an agent, so no agent. And now we need to tell it that we use SNMP and we need to pick the SNMP version. We'll be picking SNMP version 2 or 3.
[0:01:19] We picked version 2 or 3 and there's also a version 1, but that's typically only used for older devices, especially like five or ten years old. But if you ever need it, it's there. Next thing we need to do is add credentials. So click here. With SNMP v2c it's called SNMP community and there is a convention that the default password is "public", all lowercase. So let's type that in.
[0:01:36] And also if you set it to 'none', then it will take the default value. So Checkmk will automatically try the password "public".
[0:02:06] So now we're all done. And we're gonna test the connection. So click on 'Save & go to the connection tests'. So, Checkmk is now going to ping the host. So it's going to ping the switch, it's also trying to retrieve an agent even though there is no agent installed. So they should always be empty.
[0:02:17] More importantly, it's trying all four SNMP versions. And it does this for you to easily be able to recognize which versions are supported by your device. Now we are interested in "SNMPv2c".
[0:02:35] Here you see it has a system description. This is configured by the manufacturer. Then it has some other settings like a system contact, system name, and a location. And you can set all these on the device itself.
[0:02:53] So this all looks good. So let's save and go to 'Host properties' again. And now let's go discover the services. So, 'Save & go to service configuration'. Checkmk is now doing an SNMP scan to scan which services it has. And as always everything is 'Undecided'. But to quickly fix that we can press, "Fix all". So we monitor everything.
[0:03:08] Okay, now as always there are five changes. We need to activate these changes in order to actually monitor the host in Checkmk. So in a few seconds, you'll see that we now have two hosts instead of one. So let's click on the Host we just added.
[0:03:36] Okay, let me quickly zoom in and collapse the sidebar so we can actually see something.
[0:03:56] Now the first service here, "Check_MK". This one indicates if the monitoring on the Host itself works. The 2nd one, the "Check_MK Discovery", this will go to WARN when it finds any service that is not monitored yet in Checkmk. So this could happen when initially a port is closed or not active and it became active later on.
[0:04:03] So then you can add it to the monitoring system if you see it. Now, these interfaces are all the ports that are UP. And Checkmk is configured in such a way that it will discover these ports as a 'Service' when the port has a link status UP.
[0:04:28] Now it's not only important if it's UP, but there's also other important information like the 'failure rate' and the 'transfer speed' of each port.
[0:04:49] And then we have the 'SNMP info' service. This is a summary of the information on the device. So that's the system description, the system location, the system name and the system contact.
[0:05:00] And all this information, you can configure on the device itself. So the system 'Uptime', it indicates how long the system has been up.
[0:05:23] You can configure it in such a way that you get a WARN when the uptime is below a certain threshold because this can indicate that the system has rebooted. Earlier we saw that there is an SNMP version 2 and version 3.
[0:05:43] The main difference is that version 3 implements more security features. SNMP version 2 is unencrypted, so that means anyone who has access to the LAN can read the device statistics. The good thing is that this is read-only, so even an attacker cannot change the configuration, he can only read the device diagnostics.
[0:06:05] Version 3 is a bit more tricky to set up and also takes a bit more computing power. Especially on the device itself. Let me quickly show you how to set up SNMP version 3 in Checkmk.
[0:06:17] So to activate SNMP version 3, we go to Setup, Hosts and then edit the switch. So we go to the Host properties.
[0:06:29] Now we need to change the SNMP credentials. So you see that we currently have SNMP community, but you also have these three settings for SNMP version 3.
[0:06:40] We're going to pick the last one because it's the most secure. Here you see we have to enter some more information.
[0:06:47] So the security name, the authentication password, and a passphrase. All this has to be configured on the device itself, and then entered here in Checkmk.
[0:06:59] That was it for today. In the next episode, we're adding a Windows Host to the monitoring system. See you then.
