Monitoroing: Missing SNMP Agent support

Started by misch42, April 11, 2023, 11:44:55 AM

Previous topic - Next topic
Print
Go Down Pages1 2 3
User actions
April 11, 2023, 11:44:55 AM
Hi,

I tried to setup monitoring for my opnsense 23.1. But all the firewall specific tables are not implemented any more. So support for enterprises.12325 (BEGEMOT MIB)  seems to be gone.

I found some posts having the same problem. So I just want to confirm that this SNMP agent is deprected and the new net-snmp does not provide any of the firewall related monitoring information. Or is it possible to connect via a subagent (AgentX), or similar.

Michael
May 15, 2023, 06:55:35 PM #1
I also find myself missing these SNMP values.  In my case for Zabbix monitoring...you can see in the Zabbix template (docs) that it uses many of these 12325 / BEGEMOT-MIB OIDs to report statistics.  I was planning to have a graph of IPv4 vs. IPv6 traffic but it appears that will not be simple.

The Zabbix template as it comes in the box generates errors for these items like this:

Cannot find index of "em0" in ".1.3.6.1.4.1.12325.1.200.1.8.2.1.2".
Cannot find index of "em1" in ".1.3.6.1.4.1.12325.1.200.1.8.2.1.2".
September 11, 2023, 08:49:02 PM #2
it looks like since 19.1 , bsnmp is superseded

https://forum.opnsense.org/index.php?topic=11398.msg51514#msg51514


has been discussed already

https://forum.opnsense.org/index.php?topic=19753.0


I'm dealing with Zabbix monitoring of OPNsense via snmp too these days.

T.
September 21, 2023, 05:58:06 PM #3 Last Edit: September 21, 2023, 06:02:03 PM by gcorre
Hi,

I struggled as well to understand how to monitor my OPNSense using Zabbix and here is what worked for me.

Do not install any SNMP plugin (ie: os-net-snmp)
It will result in a conflict with bsnmp.

Steps on OPNSense

  • Open an OPNSense console (CLI)
  • Enable bsnmpd daemon by creating new config file "/etc/rc.conf.d/bsnmpd" with the following content :
Code Select
bsnmpd_enable="YES"
  • Uncomment the following lines in "/etc/snmpd.config" file to enable required SNMP modules:
Code Select

read := "your_snmp_community"
begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so"

  • Start bsnmpd daemon with the following command:
Code Select
/etc/rc.d/bsnmpd start   
Steps on Zabbix

  • Create your host
  • Link "OPNSense template" to your host
  • Link "Template / Network devices" group to your host
  • Configure name, IP etc. for your host
  • Smile because it works.

Refence for above steps : https://www.zabbix.com/integrations/opnsense

Hope this help.
September 30, 2023, 08:36:33 AM #4 Last Edit: September 30, 2023, 08:42:10 AM by testo_cz
Nice @gcorre !
Can you confirm that bsnmpd runs fine on the current OPNsense , please ?

Me personally, searched forums and got the impression, that bsnmpd is not preferred in OPNsense (since some troubles), however it is default in FreeBSD.
I took this Zabbix template (https://www.zabbix.com/integrations/opnsense) and disabled all those BEGEMOT-MIB items, and basically lost PF monitoring. Instead of BEGEMOT-MIB items for PF , I've tried collectd and Telegraf features to PF monitoring . Both output Prometheus format and so pluggable into Zabbix.

Well, for now, I use Telegraf's PF metrics via Prometheus output to Zabbix. The metrics include PF state table only, that is less  than BEGEMOT-MIB.

Cheers
October 03, 2023, 10:55:03 AM #5 Last Edit: October 03, 2023, 10:56:47 AM by gcorre
Hello testo !

So far, so good, bsnmpd is working fine. The only issue is that bsnmp service does not show up in the GUI which is not optimal for checking its status.

I only found documentation around snmp plugin for opnsense but they were not compatible with BEGEMOT-MIB. That's why I tried bsnmp with the same zabbix template as yours (https://www.zabbix.com/integrations/opnsense). And that's working perfectly fine.

Well I had to make one adjusment in this template otherwise interfaces weren't discover correctly.
Go to :

- Configuration / Templates / OPNSENSE SNMP / MACROS
- Change the value of the field {$NET.IF.IFADMINSTATUS.MATCHES} to ^ยท*

I contacted the author and he may have already changed it!

Cheers
November 19, 2023, 01:40:04 AM #6
Are you able to get good data from 23.7? I am showing alot of No Such Object available on this agent at this OID when using this template.
November 19, 2023, 01:58:19 AM #7
Quote from: gcorre on September 21, 2023, 05:58:06 PM
Hi,

I struggled as well to understand how to monitor my OPNSense using Zabbix and here is what worked for me.

Do not install any SNMP plugin (ie: os-net-snmp)
It will result in a conflict with bsnmp.

Steps on OPNSense

  • Open an OPNSense console (CLI)
  • Enable bsnmpd daemon by creating new config file "/etc/rc.conf.d/bsnmpd" with the following content :
Code Select
bsnmpd_enable="YES"
  • Uncomment the following lines in "/etc/snmpd.config" file to enable required SNMP modules:
Code Select

read := "your_snmp_community"
begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so"

  • Start bsnmpd daemon with the following command:
Code Select
/etc/rc.d/bsnmpd start   
Steps on Zabbix

  • Create your host
  • Link "OPNSense template" to your host
  • Link "Template / Network devices" group to your host
  • Configure name, IP etc. for your host
  • Smile because it works.

Refence for above steps : https://www.zabbix.com/integrations/opnsense

Hope this help.

Was following your instructions, as I had os-net-snmp loaded as a plugin. I removed it but Zabbix is now complaining that there is no SNMP collection. I validated bsnmpd is running, so not sure why this is happening?
November 20, 2023, 01:59:48 PM #8 Last Edit: November 20, 2023, 02:01:26 PM by gcorre
I am a bit behind schedule for updating. My OPNsense is still in 23.4.

I will wait for 24.1 before upgrading and hope that it still works...

Are you sure that you have the same community configured between your OPNsense and Zabbix?
Have you restarted bsnmpd ?
November 20, 2023, 04:48:25 PM #9
Quote from: gcorre on November 20, 2023, 01:59:48 PM
I am a bit behind schedule for updating. My OPNsense is still in 23.4.

I will wait for 24.1 before upgrading and hope that it still works...

Are you sure that you have the same community configured between your OPNsense and Zabbix?
Have you restarted bsnmpd ?

Could you provide a screenshot of the OPNsense rule you have setup for this? I am missing this and wonder if that is the missing link.
November 20, 2023, 05:49:40 PM #10
Zabbix is in my PRODUCTION network and is communicating with OPNsense in ADMINISTRATION network.

From PRODUCTION to ADMINISTRATION : check attachment.
From ADMINISTRATION to PRODUCTION : check attachment.

"Services_Supervision" = ports 10050 and 10051.

If you want to be sure that it's not a rule issue, you could allow all communication between zabbix and your OPNsense but don't forget to be more restrictive once your test is over.

Logs are your friend as well ;)
November 20, 2023, 05:59:27 PM #11
Yes I got the General log open and noticing that SNMPD does not start, even if the plugin shows green in the GUI. I am trying to find out why its not starting. More to come...
November 21, 2023, 11:39:43 AM #12
I'm not sure which plugin you are using, here is mine : (attachment).

November 23, 2023, 05:38:14 PM #13
I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.
May 29, 2024, 09:35:07 PM #14
net-snmp and bsnmpd are two DIFFERENT snmpd applications. Both run on port 161/udp and are in conflict with one another. Why is this important?  The plugin that is the currently supported SNMPd system is the UCD-snmp application (now called net-snmpd). The OS level plugin (bsnmpd) included the BEGEMOT-PF-MIB with it that allows for a ton of performance monitoring, alerting on failed applications, etc.  Most of these options were not duplicated with the net-snmpd plugin (there are other threads on the missing Enterprise level monitoring that disappeared with this change).

I've personally been experimenting trying to get one of the daemons to run on a non-standard port so that I can make use of both but so far am running into other problems/issues.

Note that despite multiple requests, there still is no published documentation on what MIBs the net-snmpd plugin is presenting and I didn't have the time to go thru the source code of the pluging to see what is being incorporated.

Monitoring and alerting of these things from an Enterprise level has not been a priority for the development team. I can understand why, but it has relegated this product to the back seat for many of our suggested customer deployments due to the inability to alert based on off the shelf monitoring and alerting systems.

Marcos
Print
Go Up Pages1 2 3
User actions