# Linux
{% hint style="info" %}
This section provides the installation steps for NetObserv SNMP. Many users get started using ElastiFlow with the Elastic Stack (Elasticsearch and Kibana). To install and configure the Elastic Stack step-by-step instructions are provided for both [**Ubuntu/Debian**](/data_platforms/elastic/install_ubuntu.md) and [**RedHat/AlmaLinux**](/data_platforms/elastic/install_redhat.md).
{% endhint %}
NetObserv SNMP can be installed natively on Linux. Packages are currently provided for and supported on the Linux distributions and versions listed in the following table.
| Distribution | Versions |
| ------------------------- | -------------------- |
| Ubuntu | 22.04 LTS, 24.04 LTS |
| Debian | 12 |
| RHEL/RockyLinux/AlmaLinux | 8.x, 9.x |
### Ubuntu/Debian Installation (deb)
The Debian package for the NetObserv SNMP can be downloaded from [here](https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_7.25.0_linux_amd64.deb). It can be used for installation on most Debian-based systems such as Debian and Ubuntu.
#### Download the `.deb` Package
The package can be easily downloaded using either the `wget` or `curl` command:
wget https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_space.vars.current_version_linux_amd64.deb
curl https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_space.vars.current_version_linux_amd64.deb --output snmp-collector_space.vars.current_version_linux_amd64.deb
#### Verify the Package
**Checksum Verification**
To ensure the downloaded file was fully downloaded and wasn't corrupted or tampered with, you can verify the provided checksum matches.
# get checksum of the downloaded file:
sha256sum snmp-collector_space.vars.current_version_linux_amd64.deb
# verify the checksum provided from the previous command matches the checksum here:
https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_space.vars.current_version_linux_amd64.deb.sha256
**GPG Verification**
ElastiFlow signs the Debian package with a GNU Privacy Guard (GPG) key. To verify the Debian package, download and import the ElastiFlow GPG public key:
```shell
curl -o- https://elastiflow-releases.s3.us-east-2.amazonaws.com/elastiflow.pgp | gpg --import -
```
Next, download the signature file:
curl -SLO https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_space.vars.current_version_linux_amd64.deb.sig
Finally, verify the file with the signature:
gpg --verify snmp-collector_space.vars.current_version_linux_amd64.deb.sig snmp-collector_space.vars.current_version_linux_amd64.deb
The collector requires `libpcap-dev`. Check if the `libpcap-dev` package is installed:
```shell
sudo dpkg-query -l | grep libpcap-dev
```
If installed, the output will look similar to the follow:
```shell
ii libpcap-dev:amd64 1.9.1-3 amd64 development library for libpcap (transitional package)
```
If it is not present, install it:
```shell
sudo apt install libpcap-dev
```
#### Install the `.deb` Package
There are two methods to install the NetObserv SNMP package, `apt` or `dpkg`.
**Install with `apt`**
sudo apt install ./snmp-collector_space.vars.current_version_linux_amd64.deb
**Install with `dpkg`**
curl https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector_space.vars.current_version_linux_amd64.deb --output snmp-collector_space.vars.current_version_linux_amd64.deb
### RedHat/AlmaLinux Installation (rpm)
The RPM package for the NetObserv SNMP can be downloaded from [here](https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector-7.25.0-1.x86_64.rpm). It can be used for installation on most RedHat-based systems such as RHEL and CentOS.
#### Download the `.rpm` Package
The package can be easily downloaded using `wget` or `curl`:
wget https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector-space.vars.current_version-1.x86_64.rpm
curl https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector-space.vars.current_version-1.x86_64.rpm --output snmp-collector-space.vars.current_version-1.x86_64.rpm
#### Verify the Package
**Checksum Verification**
To ensure the downloaded file was fully downloaded and wasn't corrupted or tampered with, you can verify the provided checksum matches.
# get checksum of the downloaded file:
sha256sum snmp-collector-space.vars.current_version-1.x86_64.rpm
# verify the checksum provided from the previous command matches the checksum here:
https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector-space.vars.current_version-1.x86_64.rpm.sha256
**GPG Verification**
ElastiFlow signs the RPM package with a GNU Privacy Guard (GPG) key. To verify the RPM package, download and import the ElastiFlow GPG public key:
```shell
# import public key into gpg keychain
curl -o- https://elastiflow-releases.s3.us-east-2.amazonaws.com/elastiflow.pgp | gpg --import -
# trust the public key
echo "6A2E26EFDE24AA7A634A442ED5C0572E5D212F6B:6:" | gpg --import-ownertrust
# import public key into rpm trust store
rpm --import https://elastiflow-releases.s3.us-east-2.amazonaws.com/elastiflow.pgp
```
Next, download the signature file:
curl -SLO https://elastiflow-releases.s3.us-east-2.amazonaws.com/snmp-collector/snmp-collector-space.vars.current_version-1.x86_64.rpm.sig
Finally, verify the file with the signature:
gpg --verify snmp-collector-space.vars.current_version-1.x86_64.rpm.sig snmp-collector-space.vars.current_version-1.x86_64.rpm
#### Ensure that `libpcap` and `libpcap-devel` are Installed
The collector requires `libpcap` and `libpcap-devel`. Check if the packages are installed:
```shell
rpm -q libpcap libpcap-devel
```
If installed, the output will look similar to the following:
```shell
libpcap-1.9.1-5.el8.x86_64
libpcap-devel-1.9.1-5.el8.x86_64
```
If the packages are not present, install them:
**RHEL 8.x based Distributions (Alma, Rocky, Fedora, etc.)**
```shell
sudo dnf --enablerepo=powertools install libpcap libpcap-devel -y
```
**RHEL 9.x based Distributions (Alma, Rocky, Fedora, etc.)**
```shell
sudo dnf --enablerepo=crb install libpcap libpcap-devel -y
```
**RHEL 9.x based Distributions (Official RedHat distribution)**
```shell
sudo dnf --enablerepo=codeready-builder-for-rhel-9-x86_64-rpms install libpcap libpcap-devel -y
```
#### Install/Upgrade the `.rpm` Package
If installing the NetObserv SNMP package for the first time, i.e. NOT upgrading, run the following:
sudo yum install -y snmp-collector-space.vars.current_version-1.x86_64.rpm
If upgrading from a previously installed NetObserv SNMP package, run the following:
sudo rpm -Uhv snmp-collector-space.vars.current_version-1.x86_64.rpm
### Configuration
The NetObserv SNMP will be installed to run as a daemon managed by `systemd`. Configuration of the collector is provided via environment variables and, depending on the enabled options, via various configuration files which by default are located within `/etc/elastiflow`.
To configure the variables, edit the file `/etc/elastiflow/snmpcoll.yml`. For details on all the configuration options, please refer to the [Configuration Reference](/snmpcoll/configuration.md).
{% hint style="info" %}
At a minimum the NetObserv SNMP must point to a valid data store. The most common installation uses Elasticsearch and Kibana as the data store. To install and configure the Elastic Stack step-by-step instructions are provided for both [**Ubuntu/Debian**](/data_platforms/elastic/install_ubuntu.md) and [**RedHat/AlmaLinux**](/data_platforms/elastic/install_redhat.md).
{% endhint %}
{% hint style="info" %}
NetObserv SNMP will set CAP\_NET\_RAW capability for itself. It must have permission to create/send ping requests to detect 'degraded' device status. In some Linux distributions, that permission is not automatic, so the systemd service file adds it explicitly. CAP\_NET\_RAW grants the process the capability to use RAW and PACKET sockets and to bind to any address for transparent proxying.
{% endhint %}
### Checking the SNMP Definition Files
If you are upgrading NetObserv, and the [changelog](/changelog.md) mentions that 'SNMP definition' files have been updated, then consult [this page](https://github.com/elastiflow/documentation/blob/main/docs/kb/install/def_download/README.md) for how to make sure you receive those changes.
### Running the Collector
To start the collector, execute the follow commands:
```shell
sudo systemctl daemon-reload && sudo systemctl start snmpcoll.service
```
To ensure the collector has started and is running, execute:
```shell
sudo systemctl status snmpcoll.service
```
The collector can be stopped using:
```shell
sudo systemctl stop snmpcoll.service
```
If you want the collector to be started automatically when the system is booted, it must be enabled:
```shell
sudo systemctl enable snmpcoll.service
```
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.elastiflow.com/snmpcoll/installation/install_linux.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.