ESXi has an embedded SNMP agent which allows the host to send SNMP traps and receive requests. In the examples here I will use vicfg-snmp from a vMA to configure SNMP on my host, though you can also use esxcli, which is the preferred method with ESXi 5.1 and later. Running vicfg-snmp –help on the vMA show’s the following usage options:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp --help
Synopsis: /usr/bin/vicfg-snmp OPTIONS
Command-specific options:
--communities
-c
Set communities separated by comma comm1[,...] (this overwrites previous settings)
--disable
-D
Stop SNMP service
--enable
-E
Start SNMP service
--hwsrc
-y
Where to source hardware events from IPMI sensors or CIM Indications. One of: indications|sensors
--notraps
-n
Comma separated list of trap oids for traps not to be sent by agent. Use value 'reset' to clear setting
--port
-p
Sets the port of the snmp agent. The default is udp/161
--reset
-r
Return agent configuration to factory defaults
--show
-s
Displays snmp agent configuration
--targets
-t
Set destination of notifications(traps) hostname[@port][/community][,...] (this overwrites previous settings)
(IPv6 address valid for vSphere 4.0 and later)
--test
-T
Send out a test notification to validate configuration
--vihost
-h
The host to use when connecting via a vCenter Server.Configuring an ESXi Host to Send SNMP Traps
The SNMP agent is disabled by default. Before enabling it you need to set up a community for the agent. To do so, run the following, where ‘Community1’ is the community name.
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp -c community1 Changing community list to: community1... Complete.
To configure the agent to sent traps you can run:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp -t 192.168.0.142@162/community1 Changing notification(trap) targets list to: 192.168.0.142@162/community1... Complete.
We still need to enable the SNMP agent. We can do that by running:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp --enable Enabling agent... Complete.
Now we can send a test SNMP trap by running:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp --test Sending test nofication(trap) to all configured targets... Complete. Check with each target to see if trap was received.
Configure the SNMP Agent for Polling
You can configure the SNMP agent to respond to requests from other devices. By default it listens on UDP port 161 though this can be changed:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp -p 160 Changing udp port to 160... Complete.
Configuring the SNMP Agent for Hardware Events
You can configure the SNMP agent to capture hardware related events via the Intelligent Platform Mangement Interface (IPMI) or the Common Information Model (CIM). CIM indication is for use with ESXi 5.
You can set which method you wish the agent to use by running:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp -y sensors Changing source of hardware event source: sensors... Complete.
This will set it to use IPMI sensors. To change it to CIM, run:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp -y indications Changing source of hardware event source: indications... Complete.
Troubleshooting SNMP on ESXi 5
You can send a test SNMP trap to your monitoring server by running:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp --test Sending test nofication(trap) to all configured targets... Complete. Check with each target to see if trap was received.
To view the current SNMP configuration you can run:
vi-admin@vma:~[esxi1.vmlab.loc]> vicfg-snmp --show Current SNMP agent settings: Enabled : 1 UDP port : 160 Communities : com1 Notification targets : 192.168.0.142@162/com1 Options : EnvEventSource=indications engineid=00000063000000a1c0a800f0 loglevel=info
Configuring SNMP using ESXCLI
As mentioned earlier, you can also configure SNMP using esxcli. This is done using the ‘esxcli system snmp’ namespace:
~ # esxcli system snmp
Usage: esxcli system snmp {cmd} [cmd options]
Available Commands:
get Get SNMP Agent configuration
hash Generate localized hash values based on this agents snmp engine id.
set This command allows the user to set up ESX SNMP agent.
test Verify ESX SNMP notifications can be delivered to target destinations.
For example, to get the current configuration, you can run:
~ # esxcli system snmp get Authentication: Communities: com1 Enable: true Engineid: 00000063000000a1c0a800f0 Hwsrc: indications Loglevel: info Notraps: Port: 160 Privacy: Remoteusers: Syscontact: Syslocation: Targets: 192.168.0.142@162 com1 Users: V3targets:
To send a test SNMP trap you can run:
~ # esxcli system snmp test Comments: There is 1 target configured, send warmStart requested, test completed normally.
Finally, the Set option is used to configure the SNMP agent and to enable/disable it. For example, to disable the SNMP agent you can run:
~ # esxcli system snmp set --enable false
The other Set options that are available can be seen by running:
~ # esxcli system snmp set --help
Configuring the ESXi SNMP Agent using PowerCLI
PowerCLI also offers a way to configure the SNMP agent. To do so you need to connect PowerCLI directly to the host you wish to configure, rather than to vCenter. For example:
Connect-VIServer esxi1.vmlab.loc
Once connected you can view the current SNMP agent configuration with:
PowerCLI C:\> get-vmhostsnmp
Enabled Port ReadOnly Communities
------- ---- --------------------
False 160 {com1}
You can change the configuration by using set-vmhostsnmp. For example, to enable the agent you can run:
PowerCLI C:\> get-vmhostsnmp | Set-VMHostSnmp -enabled:$true
Enabled Port ReadOnly Communities
------- ---- --------------------
True 160 {com1}
Finally, to test the configuration you can run:
PowerCLI C:\> get-vmhostsnmp | Test-VMHostSnmp
Enabled Port ReadOnly Communities
------- ---- --------------------
True 160 {com1}
Useful Links and Resources
Final Word
In this post you have learnt how to configure SNMP on ESXi.