zoukankan      html  css  js  c++  java
  • CentOS构造SNMP

    <span style="font-size:14px;">本文介绍怎样在CentOS环境下配置一个简单的SNMP服务</span>
    

    软件安装

    切换到系统管理员帐户

    安装snmp
    确认snmp代理已安装
    rpm -q net-snmp
    假设未安装。安装snmp
    yum install net-snmp


    设置开机自己主动执行snmp
    /sbin/chkconfig snmpd on配置snmp


    改动配置文件

    将原来的配置文件备份。编辑/etc/snmp/snmpd.conf,简单配置例如以下

    # First, map the community name "public" into a "security name"
    
    #       sec.name  source          community
    com2sec notConfigUser  default       public
    
    ####
    # Second, map the security name into a group name:
    
    #       groupName      securityModel securityName
    group   notConfigGroup v1           notConfigUser
    group   notConfigGroup v2c           notConfigUser
    
    ####
    # Third, create a view for us to let the group have rights to:
    
    # Make at least  snmpwalk -v 1 localhost -c public system fast again.
    #       name           incl/excl     subtree         mask(optional)
    view    systemview    included   .1.3.6.1.2.1.1
    view    systemview    included   .1.3.6.1.2.1.25.1.1
    
    ####
    # Finally, grant the group read-only access to the systemview view.
    
    #       group          context sec.model sec.level prefix read   write  notif
    access  notConfigGroup ""      any       noauth    exact  systemview none none
    

    启动snmp

    /etc/init.d/snmpd start
    假设已启动则重新启动snmp服务
    /etc/init.d/snmpd restart

    測试snmp

    查看port是否打开
    netstat -ln | grep 161

    安装snmp測试工具
    yum install net-snmp-utils

    本机測试snmp数据(改动monit为配置的团体名)
    snmpwalk -v 2c -c public localhost system

    snmpwalk -v3 -u username -l auth -a MD5 -A password localhost

    创建SNMP(v3)用户

    net-snmp-config --create-snmpv3-user -ro -a MD5 lyceemsnmp lyceem.com

    远程測试snmp数据(改动ip为serverip,snmpwalk命令须要安装net-snmp)
    snmpwalk -v 2c -c public ip system


    故常处理

    错误排除假设本地測试snmp有数据。远程測试snmp无数据则因为server防火墙禁止了外部訪问serverudp 161port,则:
    改动 /etc/sysconfig/iptables (或者:/etc/sysconfig/iptables-config ) ,添加例如以下规则:
    -A RH-Firewall-1-INPUT -p udp -m state Cstate NEW -m udp Cdport 161 -j ACCEPT
    重新启动iptables
    /etc/init.d/iptables restart

    版权声明:本文博主原创文章,博客,未经同意不得转载。

  • 相关阅读:
    python基础易错题
    经典案例题2
    经典案例题1
    Http和Https的区别
    爬虫过程中需要注意的问题
    [转]项目规模估计方法介绍
    [转]23种设计模式总结
    [转]分布式session的几种实现方式
    [转]Redis哨兵模式(sentinel)学习总结及部署记录(主从复制、读写分离、主从切换)
    [转]【Linux】Linux 目录结构
  • 原文地址:https://www.cnblogs.com/zfyouxi/p/4852594.html
Copyright © 2011-2022 走看看