In setting up Zabbix to monitor my devices, I had to look up how to set up SNMP in VMware. My first mistake was assuming that vCenter, the central management system for VMware, would actually centrally manage SNMP. It does not.
From what I can tell, you cannot set up SNMP from the GUI, and has to be set up on each ESXi host manually, or rather individually. It could be scripted.
Setting up vCenter
For vCenter, log in to the command shell as root via ssh. I assume here you have already set up ssh and know your root password.
The command for setting the community string(s) is:
snmp.set --communities my_community1,mycommunity2,etc
You do not have to specify more than one, but you can. Then you enable the SNMP service with the command:
snmp.enable
Setting up ESXi Hosts
To set up on each ESXi host, you need to log in to the command line via ssh as root. I assume here you have already set up ssh and know your root password.
To see the list of SNMP options, you can run the command:
[root@esxi01:~] esxcli system snmp set --help
Usage: esxcli system snmp set [cmd options]
Description:
set This command allows the user to set up ESX SNMP agent.
Cmd options:
-a|--authentication=<str>
Set default authentication protocol. Values: none, MD5, SHA1
-c|--communities=<str>
Set up to ten communities each no more than 64 characters. Format is:
community1[,community2,...] (this overwrites previous settings)
-e|--enable Start or stop SNMP service. Values: [yes|no, true|false, 0|1]
-E|--engineid=<str> Set SNMPv3 engine id. Must be at least 10 to 32 hexadecimal characters. 0x or 0X is
stripped if found as well as colons (:)
-y|--hwsrc=<str> Where to source hardware events from IPMI sensors or CIM Indications. One of:
indications|sensors
-s|--largestorage Support large storage for hrStorageAllocationUnits * hrStorageSize. Values: [yes|no,
true|false, 0|1]. Control how the agent reports hrStorageAllocationUnits,
hrStorageSize and hrStorageUsed in hrStorageTable. Setting this directive to 1 to
support large storage with small allocation units, the agent re-calculates these
values so they all fit Integer32 and hrStorageAllocationUnits * hrStorageSize gives
real size of the storage ( Note: hrStorageAllocationUnits will not be real
allocation units if real hrStorageSize won't fit into Integer32 ). Setting this
directive to 0 turns off this calculation and the agent reports real
hrStorageAllocationUnits, but it might report wrong hrStorageSize for large storage
because the value won't fit into Integer32.
-l|--loglevel=<str> System Agent syslog logging level: debug|info|warning|error
-n|--notraps=<str> Comma separated list of trap oids for traps not to be sent by agent. Use value
'reset' to clear setting
-p|--port=<long> Set UDP port to poll snmp agent on. The default is udp/161
-x|--privacy=<str> Set default privacy protocol. Values: none, AES128
-R|--remote-users=<str>
Set up to five inform user ids. Format is: user/auth-proto/-|auth-hash/priv-
proto/-|priv-hash/engine-id[,...] Where user is 32 chars max. auth-proto is
none|MD5|SHA1, priv-proto is none|AES. '-' indicates no hash. engine-id is hex
string '0x0-9a-f' up to 32 chars max.
-r|--reset Return agent configuration to factory defaults
-C|--syscontact=<str> System contact string as presented in sysContact.0. Up to 255 characters
-L|--syslocation=<str>
System location string as presented in sysLocation.0. Up to 255 characters.
-t|--targets=<str> Set up to three targets to send SNMPv1 traps to. Format is: ip-or-
hostname[@port]/community[,...] The default port is udp/162. (this overwrites
previous settings)
-u|--users=<str> Set up to five local users. Format is: user/-|auth-hash/-|priv-hash/model[,...]
Where user is 32 chars max. '-' indicates no hash. Model is one of (none|auth|priv).
-i|--v3targets=<str> Set up to three SNMPv3 notification targets. Format is: ip-or-
hostname[@port]/remote-user/security-level/trap|inform[,...].
So, the basic two steps you need for SNMP v1/2c are to see your community string, and to enable the service:
esxcli system snmp set -c
my_community
esxcli system snmp set -e true
I am not covering v3 here as that is much more involved. On a closed LAN, v2c is perfectly fine. If you have hosts in any way exposed to the internet, you will definitely want to use v3.