侧边栏壁纸
博主头像
WinJay博主等级

博观而约取 厚积而薄发

  • 累计撰写 317 篇文章
  • 累计创建 169 个标签
  • 累计收到 1 条评论

目 录CONTENT

文章目录

Ubuntu配置snmp服务 新版

WinJay
2014-05-21 / 0 评论 / 0 点赞 / 79 阅读 / 2,905 字 / 正在检测是否收录...
温馨提示:
本文最后更新于 2022-01-21,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

背景:学校里要对机房的所有服务器用摩卡软件进行监控,所以要在所有的服务器上安装和配置SNMP协议。

动机:我参考网上很多资料安装和配置SNMP,没搞定,于是自己研究了一下如何配置,最终顺利完成,所以分享一下。

1. SNMP安装

运行如下两个命令

apt-get install snmp

apt-get install snmpd

顺利运行完毕,使用如下命令测试一下

root@Ouc:~# lsof -i:161

如果输出了正在运行snmp协议,便说明安装OK。

p194-001

2. SNMP配置(重点)

我的SNMP配置文件/etc/snmp/snmpd.conf与网上早年的一些资料不同,主要是 压根没有出现com2sec,下面附上我的snmpd.conf的前半部分:

———————————–下面是snmpd.conf———————————

###############################################################################
#
# EXAMPLE.conf:
# An example configuration file for configuring the Net-SNMP agent (‘snmpd’)
# See the ‘snmpd.conf(5)’ man page for details
#
# Some entries are deliberately commented out, and will need to be explicitly activated
#
###############################################################################
#
# AGENT BEHAVIOUR
#

# Listen for connections from the local system only
#agentAddress udp:127.0.0.1:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161

###############################################################################
#
# SNMPv3 AUTHENTICATION
#
# Note that these particular settings don’t actually belong here.
# They should be copied to the file /var/lib/snmp/snmpd.conf
# and the passwords changed, before being uncommented in that file *only*.
# Then restart the agent

# createUser authOnlyUser MD5 “remember to change this password”
# createUser authPrivUser SHA “remember to change this one too” DES
# createUser internalUser MD5 “this is only ever used internally, but still change the password”

# If you also change the usernames (which might be sensible),

# then remember to update the other occurances in this example config file to match.

###############################################################################
#
# ACCESS CONTROL
#

# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
view systemonly included .1 80
# Full access from the local host
#rocommunity public localhost
# Default access to basic system info
rocommunity public default -V systemonly

# Full access from an example network
# Adjust this network address to match your local
# settings, change the community string,
# and check the ‘agentAddress’ setting above
#rocommunity secret 10.0.0.0/16

# Full read-only access for SNMPv3
rouser authOnlyUser
# Full write access for encrypted requests
# Remember to activate the ‘createUser’ lines above
#rwuser authPrivUser priv

# It’s no longer typically necessary to use the full ‘com2sec/group/access’ configuration
# r[ou]user and r[ow]community, together with suitable views, should cover most requirements

———————————–上面是snmpd.conf———————————

我的目的是进行远程SNMP连接,所以需要做如下的修改:

root@Ouc:~# vim /etc/snmp/snmpd.conf
将下面这一行
agentAddress udp:127.0.0.1:161
注释掉,即
\#agentAddress udp:127.0.0.1:161
然后将原来的这一行
\#agentAddress udp:161,udp6:[::1]:161
去掉注释,即
agentAddress udp:161,udp6:\[::1\]:161
这样便可以实现snmp的远程监听了。
但修改后cacti服务器还是无法监测到CPU、内存、流量的数据,所以需要再做如下修改:
在snmpd.conf中找到下面的内容 view systemonly included .1.3.6.1.2.1.1 view systemonly included .1.3.6.1.2.1.25.1在下面加上一行 view systemonly included .1 80 这样就允许监听所有设备了。
完成所有修改后,重启snmp
root@Ouc:~# service snmpd restart
本地测试SNMP是否监测各类指标的方法:运行如下命令
root@Ouc:~# snmpwalk -v 2c -c public localhost
如果输出结果有好多页好多页,应该是设置成功了!
0

评论区