Enabling SNMP on Sangfor EDR Manager Server

Abdul Hakim Lv1Posted 2024-Jul-16 11:50

Hi, I would like to have our Sangfor EDR Manager Server to send SNMP data to our Network Monitoring Server through SNMP. How do I enable the SNMP setting on the EDR Manager Server as on Web Gui system setting there is no setting for SNMP. Our EDR Manager Server currently running on Centos 7 and using EDR Version of 3.7.12EN. can anyone give steps or guidance to enable the SNMP on the EDR Manager? Thank You and really appreciate it.

Sheikh_Shani has solved this question and earned 20 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Hello Dear

Unfortunately, the Sangfor EDR Manager Web GUI doesn't have a built-in SNMP setting. However, you can enable SNMP on the Centos 7 operating system level and configure it to send traps to your Network Monitoring Server. Here's a step-by-step guide to help you achieve this:

1. Install SNMP daemon: Ensure the SNMP daemon is installed on your Centos 7 system. You can do this by running the command sudo yum install net-snmp
2. Configure SNMP: Edit the SNMP configuration file using sudo vi /etc/snmp/snmpd.conf. Add the following lines to enable SNMPv2c and set the community string:
``snmpd.conf

                rocommunity <community_string>  <IP_address_of_Network_Monitoring_Server>
                # or for SNMPv3
         createUser <username> SHA <password> AES <password>

Replace `<community_string>` with your desired community string, `<IP_address_of_Network_Monitoring_Server>` with the IP address of your Network Monitoring Server, and `<username>` and `<password>` with your desired credentials.

1. Restart SNMP service: Run the command sudo service snmpd restart to apply the changes.
2. Configure EDR Manager to send SNMP traps: Edit the EDR Manager configuration file using sudo vi /etc/sangfor/edr/edr.conf. Add the following lines to enable SNMP trap sending:
``edr.conf

                # Enable SNMP trap sending
                snmp_trap_enable=1
                snmp_trap_server=<IP_address_of_Network_Monitoring_Server>
                snmp_trap_community=<community_string>

Replace `<IP_address_of_Network_Monitoring_Server>` with the IP address of your Network Monitoring Server and `<community_string>` with the community string you set earlier.

1. Restart EDR Manager service: Run the command sudo service edr restart to apply the changes.

By following these steps, you should now have SNMP enabled on your Sangfor EDR Manager Server, and it will send SNMP data to your Network Monitoring Server.
Is this answer helpful?
Sheikh_Shani Lv2Posted 2024-Jul-17 14:05
  
Hello Dear

Unfortunately, the Sangfor EDR Manager Web GUI doesn't have a built-in SNMP setting. However, you can enable SNMP on the Centos 7 operating system level and configure it to send traps to your Network Monitoring Server. Here's a step-by-step guide to help you achieve this:

1. Install SNMP daemon: Ensure the SNMP daemon is installed on your Centos 7 system. You can do this by running the command sudo yum install net-snmp
2. Configure SNMP: Edit the SNMP configuration file using sudo vi /etc/snmp/snmpd.conf. Add the following lines to enable SNMPv2c and set the community string:
``snmpd.conf

                rocommunity <community_string>  <IP_address_of_Network_Monitoring_Server>
                # or for SNMPv3
         createUser <username> SHA <password> AES <password>

Replace `<community_string>` with your desired community string, `<IP_address_of_Network_Monitoring_Server>` with the IP address of your Network Monitoring Server, and `<username>` and `<password>` with your desired credentials.

1. Restart SNMP service: Run the command sudo service snmpd restart to apply the changes.
2. Configure EDR Manager to send SNMP traps: Edit the EDR Manager configuration file using sudo vi /etc/sangfor/edr/edr.conf. Add the following lines to enable SNMP trap sending:
``edr.conf

                # Enable SNMP trap sending
                snmp_trap_enable=1
                snmp_trap_server=<IP_address_of_Network_Monitoring_Server>
                snmp_trap_community=<community_string>

Replace `<IP_address_of_Network_Monitoring_Server>` with the IP address of your Network Monitoring Server and `<community_string>` with the community string you set earlier.

1. Restart EDR Manager service: Run the command sudo service edr restart to apply the changes.

By following these steps, you should now have SNMP enabled on your Sangfor EDR Manager Server, and it will send SNMP data to your Network Monitoring Server.
Enrico Vanzetto Lv4Posted 2024-Jul-17 15:56
  
Hi, as far as i know, there's no way to enable snmp service through edr's web ui. I suggest you to enable email alerts and set the alert type you want to get.  
jerome_itable Lv3Posted 2024-Jul-17 17:23
  
You're right, the Sangfor EDR Manager web interface likely doesn't have a built-in option to enable SNMP. However, on CentOS 7, you can configure SNMP manually to send data to your Network Monitoring Server. Here's a general guide:

1. Install and configure SNMP service:

    Ensure the snmpd service is installed:

Bash

sudo yum install net-snmp-libs net-snmp-server

Use code with caution.

    Edit the SNMP configuration file:

Bash

sudo nano /etc/snmp/snmpd.conf

Use code with caution.

    Make the following changes in the file:
        Enable SNMP service: Uncomment the line agentSecName 1 "" noAuthNoPriv.
        Public Community String: (Replace "your_community" with a desired community string for access)

        community your_community

        Optional: Restrict Access (Highly Recommended): By default, the above configuration allows read access to anyone with the "your_community" string. To restrict access to specific IP addresses, add lines like this under the community your_community section:

        # Allow read access only from the Network Monitoring Server IP address (replace with your server's IP)
        roCommunity your_community 192.168.1.100

    Save the changes and restart the snmpd service:

Bash

sudo systemctl restart snmpd
sudo systemctl enable snmpd

Use code with caution.

2. Configure firewall (if applicable):

    If you have a firewall running on the Sangfor EDR Manager server, ensure it allows UDP traffic on port 161 for incoming SNMP requests from your Network Monitoring Server IP address.

3. Verify SNMP configuration:

    You can use a tool like snmpwalk on your Network Monitoring Server to test connectivity and access information from the Sangfor EDR Manager server using the configured community string (and IP restrictions if implemented).
Newbie290036 Posted 2024-Jul-17 20:28
  
To enable SNMP on the Sangfor EDR Manager Server, you'll need to configure the SNMP service on the CentOS 7 system. First, ensure the SNMP service is installed by running the command `sudo yum install net-snmp`. Then, edit the SNMP configuration file `/etc/snmp/snmpd.conf` using a text editor, and add the following lines: `agentAddress inet:127.0.0.1:161` and `rocommunity public` (replace "public" with your desired community string). Restart the SNMP service by running `sudo systemctl restart snmpd`. Finally, navigate to the Web GUI of your Network Monitoring Server and configure the SNMP settings to point to the EDR Manager Server's IP address and community string.
Zonger Lv5Posted 2024-Jul-17 23:08
  
To enable SNMP on your Sangfor EDR Manager Server running CentOS 7 and EDR version 3.7.12EN, you'll typically need to perform the following steps:

1. Install SNMP Packages: First, ensure SNMP packages are installed on the CentOS server if they are not already. You can install SNMP daemon and utilities using the following command:

   sudo yum install net-snmp net-snmp-utils

2. Configure SNMP: Edit the SNMP configuration file `/etc/snmp/snmpd.conf` to configure SNMP settings. You'll need to define SNMP community strings, access control, and specify which IP addresses or networks are allowed to query SNMP data. Here’s a basic example:

   rocommunity <community_string> <network_or_IP_range>

   Replace `<community_string>` with your desired SNMP community string and `<network_or_IP_range>` with the IP address or network range of your Network Monitoring Server.

3. Start SNMP Service: Start the SNMP service and enable it to start on boot:

   sudo systemctl start snmpd
   sudo systemctl enable snmpd

4. Firewall Configuration: If firewalld is enabled, configure it to allow SNMP traffic (UDP port 161) from your Network Monitoring Server:

   sudo firewall-cmd --zone=public --add-port=161/udp --permanent
   sudo firewall-cmd --reload

5. Testing: Verify SNMP connectivity from your Network Monitoring Server to the EDR Manager Server using SNMP tools like `snmpwalk`. For example:

   snmpwalk -v2c -c <community_string> <EDR_Manager_IP> system

   Replace `<community_string>` with your SNMP community string and `<EDR_Manager_IP>` with the IP address of your EDR Manager Server.

6. Integration: Once SNMP is configured and tested successfully, configure your Network Monitoring Server to poll SNMP data from the EDR Manager Server using the SNMP community string and appropriate OID (Object Identifiers) for EDR-specific metrics.
vesogi7900 Lv3Posted 2024-Jul-18 14:01
  
To enable SNMP on your Sangfor EDR Manager Server running on CentOS 7 with EDR Version 3.7.12EN, follow these steps:
1. Install SNMP Packages:
   First, ensure SNMP packages are installed on your CentOS 7 server.
   ```bash
   sudo yum install net-snmp net-snmp-utils
   ```
2. Configure SNMP:
   Edit the SNMP configuration file `/etc/snmp/snmpd.conf` to set up your community string and define the access control. Below is an example configuration:
   ```bash
   com2sec readonly  default         YOUR_COMMUNITY_STRING
   group   MyROGroup v1              readonly
   group   MyROGroup v2c             readonly
   group   MyROGroup usm             readonly
   view    all    included  .1                               80
   access  MyROGroup ""      any       noauth    exact  all    none   none
   ```
   Replace `YOUR_COMMUNITY_STRING` with your actual community string.
3. Start and Enable SNMP Service:
   Start the SNMP service and ensure it starts on boot.
   ```bash
   sudo systemctl start snmpd
   sudo systemctl enable snmpd
   ```
4. Open SNMP Ports in Firewall:
   If you are using a firewall, make sure to open the SNMP port (161/UDP).
   ```bash
   sudo firewall-cmd --permanent --add-port=161/udp
   sudo firewall-cmd --reload
   ```
5. Verify SNMP Configuration:
   Test the SNMP configuration to ensure it is working correctly.
   ```bash
   snmpwalk -v2c -c YOUR_COMMUNITY_STRING localhost
   ```
After completing these steps, your Sangfor EDR Manager Server should be able to send SNMP data to your Network Monitoring Server. You can then configure your Network Monitoring Server to collect and monitor the SNMP data from the EDR Manager Server.
Farina Ahmed Lv5Posted 2024-Jul-18 17:50
  
For this configure SNMP on the CentOS system itself. Install and configure the SNMP service by running:

sudo yum install net-snmp net-snmp-utils
sudo systemctl enable snmpd
sudo systemctl start snmpd
sudo vi /etc/snmp/snmpd.conf

Edit the snmpd.conf file to include your SNMP community string and the IP address of your Network Monitoring Server. Restart the SNMP service:

sudo systemctl restart snmpd

This setup will enable SNMP on your CentOS system, allowing it to send SNMP data to your Network Monitoring Server.
Tayyab0101 Lv2Posted 2024-Jul-18 18:06
  
there is no built in SNMP for Sangfor EDR Manager Web GUI. you will ahve to do that from other end i mean from OS side.
Imran Tahir Lv4Posted 2024-Jul-19 19:51
  
Hello, as far as I'm aware, the edr web interface does not allow you to enable the Snmp service. I advise you to enable email alerts and select the desired alert type.  

I Can Help:

Change

Moderator on This Board

3
14
3

Started Topics

Followers

Follow

1
3
6

Started Topics

Followers

Follow

18
8
0

Started Topics

Followers

Follow

Trending Topics

Board Leaders