The Systems Management Agent (SMA) agent and tools are based on the open source NetSNMP project, published at http://www.net-snmp.org. The SNMP agent supports the v1, v2c and v3 protocols. Secure SNMP operations are provided through the use of USM and VACM. A set of tools that enable users to perform simple SNMP operations, monitor various variables, and perform configuration on the agent are available. Some value-added modules that provide monitoring information specific to Solaris platforms are also available.
The agent (see snmpd(1M)) is capable of SNMP v3, v2c and v1 protocol operations. Details of the related RFCs can be found at http://www.ietf.org/html.charters/snmpv3-charter.html. The agent supports these protocols over a variety of transports. Among these are TCP/UDP over IPv4/IPv6 and Unix domain sockets.
The agent and its modules, including USM and VACM, can be configured by making changes to /etc/sma/snmp/snmpd.conf. See snmpd.conf(4).
The User-based Security Model enables strong authentication of SNMP users as well as communication privacy, message integrity, and replay protection. SNMP users can be managed remotely through the use of SNMP operations. Details of USM can be found in RFC 3414. USM supports privacy of messages. Currently, DES encryption is supported on Solaris. In the future, more secure AES encryption might be added. The agent also provides the ability to manipulate user entries through local configuration files.
The View-based Access Control Model enables access control to various parts of an SNMP MIB. Remote management of access control is possible through SNMP operations. Details of VACM can be found in RFC 3415. The agent provides the ability to manipulate access control entries through local configuration files.
The agent supports subagents through the AgentX protocol and MIBs, as defined in RFCs 2741 and 2742. This enables the master agent to delegate population of different portions of the MIB tree to subagents. AgentX messages can be interchanged over a variety of transports including Unix Domain Sockets, TCP and UDP. Note that it is a possible security risk to expose the master agent listening address through TCP/UDP. See section 9 of RFC 2741 for more details.
The following tools are available:
Collects information to build a KeyChange encoding, per the textual convention given in RFC 2274, Section 5. Computes the value and prints it to stdout as a hex string.
Fixes a process named "proc" by performing the specified action. The actions can be check, kill, restart, exist, or fix. The action is specified on the command line or is read from a default database, which describes the default action to take for each process.
A script that takes a MIB and converts it into C code. That C code can then be used as a template to implement your MIB.
Net-SNMP configuration options.
An SNMP application that uses the SNMP GETBULK request to efficiently query information on a network entity.
An SNMP application that uses the SNMP GETBULK request to efficiently query a network entity for a tree of information.
A configuration file setup command for agent.
Monitors the specified integer valued OIDs, and report changes over time.
A networked version of the df(1M) command.
Invokes an SNMP GET request to query for information on a network entity.
An SNMP application that uses the SNMP GETNEXT request to query information on a network entity.
An SNMP application that uses the SNMP INFORM operation to send information to a network manager.
Symbolically displays the values of various network-related information retrieved from a remote system using the SNMP protocol.
The SNMP SET request to set information on a network entity.
An SNMP application that retrieves several important statistics from a network entity.
An SNMP application that repeatedly uses the SNMP GETNEXT or GETBULK requests to query for information on a network entity.
An SNMP application that can monitor and manage information on a network entity.
An SNMP application that translates one or more SNMP object identifier values from their symbolic (textual) forms into their numerical forms (or vice-versa).
An SNMP application that uses the SNMP TRAP operation to send information to a network manager.
An SNMP application that can be used to do simple maintenance on an SNMP agent's User-based Security Module (USM) table.
An SNMP application that can be used to do simple maintenance on View-based Access Control (VACM) table.
An SNMP application that uses SNMP GETNEXT requests to query a network entity for a tree of information.
Some of these tools have common command line options which can be seen in the snmpcmd man page. Individual tools are described in their own man pages.
The modules listed below are available. These enable detailed monitoring operations to be performed through SNMP.
Defines a uniform set of objects useful for the management of host computers. Host computers are independent of the operating system, network services, or any software application.
The Host Resources MIB defines objects which are common across many computer system architectures. For reference, see RFC 2790 at http://www.faqs.org/.
efines the second version of the Management Information Base for use with network management protocols in TCP/IP-based internets. It provides a simple, system for managing these internets. For reference, see RFC 1213 at http://www.ietf.org/.
An extension of the MIB II, this MIB contains Solaris-specific attributes. Adds a table that lists all the currently running processes on the monitored host and certain performance details on that host.
By default, the MIB files are located in /etc/sma/snmp/mibs.
The module API documentation describes some of the Net-SNMP helper APIs as well as other APIs needed to develop SNMP modules. The default location is /usr/sfw/doc/sma_snmp/html/modules.html.
See attributes(5) for descriptions of the following attributes:
snmpstatus(1), snmpconf(1M), snmpd(1M), snmpdf(1M), snmpget(1M), snmpgetnext(1M), snmpnetstat(1M), snmpset(1M), snmptrap(1M), snmpusm(1M), snmpvacm(1M), snmpwalk(1M), snmp.conf(4), snmpd.conf(4), snmp_variables(4), attributes(5)
See the section 1M man pages for each of the tools described under TOOLS, above.