Hello everybody, because of importance of ESXi host monitoring in virtual environment (or SDDC) management, today i want to demonstrate a fast guide for ESXi SNMP version3 configuration by ESXCLI. (Remember it will be done only by CLI not GUI) SNMP protocol v1 & v2 are not secured, because they do not support encryption and work only with a clear-text community string, while it's a security compromise to never use them anyway. I had given a promise in this post on security recommendation series to write a specific post about how to configure SNMPv3 on ESXi, so let me begin and don't waste the time anymore:
# esxcli system snmp get "Show the current ESXi SNMP config"
# esxcli system snmp set -r "Reset to default setting"
# esxcli system snmp set -e 1 "Enable SNMP"
# esxcli system snmp set -a SHA1 "Select SHA1 Protocol"
# esxcli system snmp set -x AES128 "Select AES128 Encryption"
# esxcli system snmp set -E Eng_ID "Set System Engine ID"
# esxcli system snmp hash -A Auth_str -X Priv_Str -r
It will generate intended hash strings, then select & copy both of them to use in the next command:
# esxcli system snmp set -R Mon_User/SHA1/hash1/AES128/hash2/Eng_ID
Also you can change some default settings, such as port and log level:
# esxcli system snmp set -p 161 "Set SNMP Port"
# esxcli system snmp set -l warning "Define Log Level"
And some optional settings are included of:
# esxcli system snmp set -C Asset_Manager "Set Contact Information"
# esxcli system snmp set -L Node_Location "Set Asset Location Info"
Now let's check its configuration once more again: # esxcli system snmp get
So last setting is something like this picture.
I hope it will be helpful guide for you guys, for more information please refer to VMware Links about SNMP Configuration:
No comments:
Post a Comment