now I am meeting difficulty in using snmp moudule inputs,
The OS platform is centos 5.9 , I have installed pyasn and pysnmp,
I create input in snmp moudule,as following
[snmp://172.17.1.4]
communitystring = siten
destination = 172.17.1.4
do_bulk_get = 0
index = eddy
ipv6 = 0
mib_names = CISCO-C2900-MIB,IP-MIB,IF-MIB
port = 161
snmp_mode = attributes
snmp_version = 1
sourcetype = snmp
split_bulk_output = 0
v3_authProtocol = usmHMACMD5AuthProtocol
v3_privProtocol = usmDESPrivProtocol
Howerver, I cannot get the search result, I am sure the snmp polling target 172.17.1.4 is available, wich can be accessed by other snmp tools.
who can tell me what is the trouble? and details setup step? Please, Thanks a lot.
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
error log
[11/Jul/2014:15:13:31.161 +0800] "GET /zh-CN/api/shelper?snippet=true&snippetEmbedJS=false&namespace=search&search=search+index%3D_internal+ExecProcessor+error+snmp.py&useTypeahead=true&useAssistant=true&showCommandHelp=true&showCommandHistory=true&showFieldInfo=false&_=1405088827900 HTTP/1.1" 200 628 "https://172.16.11.26:8000/zh-CN/app/search/search?q=search%20index%3D_internal%20%20snmp.py&earliest..." "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36" - 53bf8e9b295115410 29ms
First of all , "... I have installed pyasn and pysnmp..."
You don't have to do this , nor is this documented. All the dependent python packages are bundled in with the SNMP Modular Input.
Now some observations and tips :
Any errors in the logs ? Search in splunk such as : "index=_internal ExecProcessor error snmp.py"
I see you have overridden the default sourcetype of "snmp_ta" with "snmp". Any reason why ?
What search are you using that is not showing up anything ? what timeframe are you searching over ?
Have you converted your CISCO-C2900-MIB mib correctly and placed the CISCO-C2900-MIB.py file (named as such) in snmp_ta/bin/mibs ?
Many thanks for suggestion,
1. sourcetype name has been changed as "snmp_ta", however , maybe the sourcetype name is not the key point
3.some network device, for example, cisco 2900, 3560, Juniper ex220 , Are these MIBS included in the default egg? which mibs should i choose to polling these devices? just for CPU ,MEM,INTERFACE, or i have to import customer mib? Please give me more guide ,