Template:FAQ:Agent 05
Deleting the text file for a MIB does not affect the agent (other than to prevent it from recognising MIB object names in the config files). It's necessary to tell the agent not to activate the relevant code that actually implements these objects. There are three ways to do this:
There are three options to prevent the agent returning information from a particular MIB:
- re-run
configureto exclude the given MIB module(s) from the build configuration, then recompile and reinstall:
./configure --with-out-mib-modules=path/to/unwanted ....
make
make install
This specifies the path to the module code file, relative to
the agent/mibgroup directory. Clearly, this approach is
only possible if you are working with a source distribution.
- disable the MIB at runtime
snmpd -I -unwanted
Note that this relies on knowing which modules are used to
implement the relevant MIB objects. If you're not sure,
you could try walking the nsModuleName MIB object, which
indicates the module responsible for each particular range
of OIDs.
You can also check which MIB modules are loaded by getting the agent to report them as they are initialised:
snmpd -Dmib_init -H
From this information, it should then be fairly obvious which modules to disable.
- use access control to exclude the mib from the view used to query the agent:
view almostEverything included .1
view almostEverything excluded unwantedMib
rocommunity public default -V almostEverything
This approach can also be used with the full com2sec/group/access
configuration directives (e.g. with versions earlier than 5.3,
which don't support the above mechanism).
