Template:FAQ:Agent 05

From Net-SNMP Wiki
Revision as of 15:12, 29 December 2006 by Dts12 (Talk | contribs) (5.4 release synchronisation)

Jump to: navigation, search

Deleting the text file for a MIB does not affect the agent (other than to prevent it from recognising MIB object names in the config files). It's necessary to tell the agent not to activate the relevant code that actually implements these objects. There are three ways to do this:

There are three options to prevent the agent returning information from a particular MIB:

  • re-run configure to exclude the given MIB module(s) from the build configuration, then recompile and reinstall:
       ./configure --with-out-mib-module=host   ....
       make
       make install
  • use access control to exclude the mib from the view used to query the agent:
       com2sec public  default public
       

       group   public  v1      public
       group   public  v2c     public
       

       view    ourmib  included  system
       view    ourmib  included  printmib
       view    ourmib  excluded  host
       view    ourmib  included  privatemib
       

       access  public  "" any noauth exact ourmib none none

With v5.3 and above, this can also be done by supplying the relevant view name to the "rocommunity" or similar directive: 

        rocommunity public default -V ourmib
  • disable the MIB at runtime
         snmpd -I -hr_system,hr_storage,hr_device,hr_other,....

Note that this relies on knowing which modules are used to implement the relevant MIB objects. If you're not sure, you can check which MIB modules are loaded by getting the agent to report them as they are initialised: 

         snmpd -Dmib_init -H

Hopefully it should then be fairly obvious which ones to turn off.

Retrieved from "http://www.net-snmp.org/wiki/index.php?title=Template:FAQ:Agent_05&oldid=2153"