Monitoring Linux systems with SNMP extend method

An easy way to obtain information about Linux programs and systems using SNMP extend and a Shell script

About two years ago, when I started my new job at an IT company that works with IP telephony solutions, I was given the challenge of creating a new monitoring system using Zabbix. The idea was to replace the old monitoring system, which ran an older version of Zabbix, with a new one. The older version of Zabbix didn’t have nice templates and the triggers didn’t work as they should have. Another problem was the services and the quantity of devices to monitor. There weren’t correct items in Zabbix for all the services or for the devices, so I used the newer 4.2.5 version to create the new monitoring system.

The biggest problem that I found in the beginning was the large number of hosts to monitor and the many versions of them. There were about 500 hosts to monitor, and there were about 3 different versions in production. Each version or type of host had specific types of services; some had the Apache service running on port 80, others on 80 and 443, some had services like NTP, LDAP, OpenSIPS and Asterisk, and others didn’t have any kind of service. For some, it was important to get information from a specific table in a MySQL database. I also had to include the mixed types of telephony cards and the number of telephony links, which were different for each client.

Using the SNMP protocol, information such as CPU, memory, uptime, network interfaces and disks is simple to obtain, but with that alone I wasn’t able to obtain information about the running services and daemons, or any other specific data on those hosts. Searching the internet, I found a solution: the SNMP extend method. This implementation uses a custom script to obtain information about applications in addition to raw system metrics. Checks on file sizes, the number of files in a given directory, file modification dates, information from the CLI of a given Linux application, and other simple information that can be obtained locally with just one command can all be provided by the Net-SNMP daemon. Used in virtually all Linux distributions, it can be extended to provide these (and many other) types of functionality.

Configuration

SNMP extend follows a fixed configuration pattern.

  • /etc/snmp/snmpd.conf

where name is an identifying string for the extension, prog is the program to run, and args are the arguments to give the program.

Example scripts

Here is a simple example using echo:

  • snmpd.conf
  • retrieving value
  • finding the OID
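
The numeric OID of an extend entry can be derived from its name, because NET-SNMP-EXTEND-MIB indexes its output tables by the name string. The function below is an added example, not taken from the original post; the entry name test and the echo command are constructed values.

```bash
#!/usr/bin/env bash
# Added example. With this line in /etc/snmp/snmpd.conf (constructed entry):
#   extend test /bin/echo hello
# snmpd publishes the output under NET-SNMP-EXTEND-MIB, indexed by the name.
# Cross-check the result on a host with the MIB files installed:
#   snmptranslate -On 'NET-SNMP-EXTEND-MIB::nsExtendOutputFull."test"'

# nsExtendOutput1Entry, the row that holds the per-extension output columns.
NS_EXTEND_OUTPUT1=".1.3.6.1.4.1.8072.1.3.2.3.1"

# extend_oid NAME [COLUMN]
# COLUMN: 1 = nsExtendOutput1Line (first line of output)
#         2 = nsExtendOutputFull  (whole output, default)
#         3 = nsExtendOutNumLines (number of output lines)
#         4 = nsExtendResult      (exit status of the program)
extend_oid() {
  local name=$1 column=${2:-2} oid i
  # Accept only plain ASCII names and a known column number.
  [[ $name =~ ^[A-Za-z0-9_.-]+$ && $column =~ ^[1-4]$ ]] || return 2
  # A string index is encoded as its length, then one number per byte.
  oid="$NS_EXTEND_OUTPUT1.$column.${#name}"
  for ((i = 0; i < ${#name}; i++)); do
    oid+=".$(LC_ALL=C printf '%d' "'${name:i:1}")"
  done
  printf '%s\n' "$oid"
}

# Command-line use: ./extend_oid.sh test 2
if [[ $# -gt 0 ]]; then extend_oid "$@"; fi
```

The printed OID is what goes into the SNMP OID field of the Zabbix item.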

Script used

From the content obtained previously, I created a shell script that covered all the information and items relevant to the monitoring of all equipment and services. With the use of SNMP extend it was possible to obtain information from within the CLI of some services, such as Asterisk and MySQL. The SNMP configuration file looks like this:

  • /etc/snmp/snmpd.conf

In the script, an initial rule was created to obtain the password for accessing MySQL on each device, as well as a check of what type of device was being monitored. That part will not be presented here. Using regular expressions (regex) and Linux commands, it was possible to obtain values such as a string, int or boolean that returned the ideal information for that service or data. The items were created with a nomenclature (app, type and check_cmd), where app must be the same argument used in the file snmpd.conf, the type field takes the value 0 or 1, and check_cmd is the command to be executed. These variables are captured in ${BASH_REMATCH[1]}, ${BASH_REMATCH[2]} and ${BASH_REMATCH[3]} respectively in the shell script.

In the field type, 0 performs a system process verification, filtering by the specific application. The following command is executed for the value 0:

With the value 1, the command stored in the variable check_cmd is executed.

Considering the validation of the executed arguments, the Shell script was built with the following format:

  • mon_snmp_extend.sh
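
An added example, not the author's mon_snmp_extend.sh, of a dispatcher with the app, type and check_cmd layout described above: the argument from snmpd.conf only selects an entry, and every command that can run comes from a table inside the script. The table entries, the ":" field separator and the /proc-based process count are assumptions made for the illustration.

```bash
#!/usr/bin/env bash
# Added example: allowlisted dispatcher for an snmpd.conf line such as
#   extend asterisk /usr/local/bin/mon_snmp_extend.sh asterisk
# (script path and entries are constructed for illustration).

# Item table, one "app:type:check_cmd" string per item (constructed).
ITEMS=(
  "asterisk:0:"
  "ntpd:0:"
  "sip_peers:1:asterisk -rx 'sip show peers' | grep -c OK"
)
ITEM_RE='^([a-z0-9_]+):([01]):(.*)$'

# Find APP in ITEMS; on success set ITEM_TYPE and ITEM_CMD.
# Returns 2 for a malformed name, 1 for a name that is not in the table.
lookup_item() {
  local app=$1 item
  [[ $app =~ ^[a-z0-9_]+$ ]] || return 2
  for item in "${ITEMS[@]}"; do
    if [[ $item =~ $ITEM_RE ]] && [[ ${BASH_REMATCH[1]} == "$app" ]]; then
      ITEM_TYPE=${BASH_REMATCH[2]}
      ITEM_CMD=${BASH_REMATCH[3]}
      return 0
    fi
  done
  return 1
}

# Print the single value that snmpd hands back for this item.
run_check() {
  lookup_item "$1" || { echo "unknown item" >&2; return 3; }
  if [[ $ITEM_TYPE == 0 ]]; then
    # Type 0: count processes whose name is exactly the app name.
    cat /proc/[0-9]*/comm 2>/dev/null | grep -cx -- "$1" || true
  else
    # Type 1: run the command stored in the table, never text from argv.
    bash -c "$ITEM_CMD"
  fi
}

if [[ $# -gt 0 ]]; then run_check "$1"; fi
```

Because snmpd executes the script with its own privileges, keep the file owned by root and not writable by other users, especially when it also handles a database password.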

Zabbix

With the SNMP configuration file and the script created, it was only necessary to obtain the OID of each item and then create the items in the Zabbix system. Rather than creating a single template containing all the obtained items and using it on all equipment, I created a template for each application: Asterisk, NTP, OpenSIPS, MySQL, etc. With a template for each service, I produced key templates for the equipment and linked the service templates to the equipment templates in a template hierarchy.

Template hierarchy in Zabbix

In this way, I built a simple, yet extremely efficient and scalable monitoring system. The use of SNMP extend made it easier to obtain application-specific information. It fit perfectly into the existing device structure, with each device having its own peculiarity.

Rafael Moraes Monteiro

Junior Support Analyst at CAM Tecnologia | MEng student in Cybersecurity -PPEE - UnB | LPIC-1