全部博文(321)
分类: LINUX
2014-06-13 13:55:18
zabbix监控获取数据的途径有简单检查,zabbixagent,snmp,snmp用来监控交换机,打印机,路由器等网络设备时更为方便;snmp通过特定的oid值来获取对应的数据。
1.snmp的安装:
1
|
[root@zhu1 ~]# yum -y install net-snmp net-snmp-*
|
2.启动snmp服务
1
2
|
[root@zhu2 ~]# service snmpd start
启动 snmpd: [确定]
|
这样就能通过snmpwalk指令获取数据
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
[root@zhu1 ~]# snmpwalk -v2c -c public 192.168.70.137
SNMPv2-MIB::sysDescr.0 = STRING: Linux zhu3 2.6.18-194.el5#1 SMP Fri Apr 2 14:58:35 EDT 2010 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (126645) 0:21:06.45
SNMPv2-MIB::sysContact.0 = STRING: Root
SNMPv2-MIB::sysName.0 = STRING: zhu3
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit/etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (17) 0:00:00.17
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB moduleforSNMPv2 entities
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB moduleformanaging TCP implementations
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB moduleformanaging IP and ICMP implementations
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB moduleformanaging UDP implementations
SNMPv2-MIB::sysORDescr.5 = STRING: View-based Access Control ModelforSNMP.
SNMPv2-MIB::sysORDescr.6 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.7 = STRING: The MIBforMessage Processing and Dispatching.
SNMPv2-MIB::sysORDescr.8 = STRING: The management information definitionsforthe SNMP User-based Security Model.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (13) 0:00:00.13
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (13) 0:00:00.13
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (14) 0:00:00.14
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (14) 0:00:00.14
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (14) 0:00:00.14
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (17) 0:00:00.17
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (17) 0:00:00.17
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (17) 0:00:00.17
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (420190) 1:10:01.90
HOST-RESOURCES-MIB::hrSystemUptime.0 = Nomorevariables leftinthis MIB View (It is past the end of the MIB tree)
|
snmp安装后,默认的配置文件是/etc/snmp/snmpd.conf,得到是数据信息是有限的,需要手动配置。
3.snmp配置文件详解
1.定义安全体名称
1
2
3
4
5
6
7
|
com2sec notConfigUser default public
配置语法:
com2sec sec.name sourcecommunity
com2sec :固定的配置指令
sec.name :安全体名称,可自定义,本例中为notConfigUser
source:允许访问的地址,default默认为全部允许
community :共同体或社区名称,可以自定义,这个最重要,相当于取数据时的密码,本例中为采用安装时默认的为public
|
2.定义安全组
1
2
3
4
5
6
7
8
|
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
配置语法:
group groupName securityModel securityName
group :固定配置指令
groupName :安全组名字,本例为notConfigGroup
securityModel :安全模式,可选的值有v1,v2c等
securityName :安全体名,在前文定义过的
|
3.定义视图
1
2
3
4
5
6
7
8
9
10
11
|
# name incl/excl subtree mask(optional)
view systemview included .1
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
配置语法:
view name include substree mask
view :固定配置指令
name :视图名,本例为systemview
included :一般用include表示包括的视图内容,excl很少用,表示排除的意思
subtree :mib子树节点
mask :掩码 ,可以不写,默认
|
4.向安全组授权相应的视图
1
2
3
4
5
6
7
8
9
10
11
12
|
access notConfigGroup"" any noauth exact systemview none none
配置语法:
access group context sec.model sec.level prefixread write notif
access :固定的配置指令
group :安全组名,在前文设定的
context :上下文,v1,v2c中始终为空:“”;
sec.model :安全模式,可选v1。v2c,any表示支持所有的模式
sec.level :安全级别,可选值有auth,noauth,priv,v1,v2c中只能为noauth
prefix :代理,可以不写该项
read:授权的读视图
write :授权的写视图
notif :授权的trap视图
|
5.系统联系人息
1
2
|
syslocation Unknown (edit/etc/snmp/snmpd.conf)
syscontact Root
|
完整的配置实例1
1
2
3
4
5
6
7
8
|
[root@zhu3 snmp]# vim /etc/snmp/snmpd.conf
com2sec zhujiangtao default caisangzi
group zhujiangtao v1 zhujiangtao
group zhujiangtao v2c zhujiangtao
view view1 included .1
view view1 included .1.3.6.1.2.1.1
view view1 included .1.3.6.1.2.1.25.1.1
access zhujiangtao "" any noauth exact view1 none none
|
查看取得的数据
1
2
|
#在配置文件中把安全团体名和团体组名配置相同都为zhujiangtao
[root@zhu1 ~]# snmpwalk -v2c -c caisangzi 192.168.70.137
|
***************************************************************************************************
简洁的配置实例
1
2
3
4
5
6
7
8
9
10
11
12
13
|
rocommunity zhuzhu 127.0.0.1/32
rocommunity zhuzhu 10.1.1.0/32
rocommunity zhuzhu 192.168.70.133
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
view systemview include .1.3.6.1.2.1.1
view systemview include .1.3.6.1.2.1.25.1.1
view systemview include .1.3.6.1.4.1.2208
access notConfigGroup""any noauth exact all none none
view all include .1 80
syslocation Unknown
syscontact Root
~
|
1
2
3
4
5
|
rocommunity COMMUNITY [SOURCE [OID]]
rwcommunity COMMUNITY [SOURCE [OID]]
rocommunity :读权限与团体名的合成指令
COMMUNITY :团体名
[SOURCE [OID]] :允许的ip,与包含的oid树节点,可以不写采用默认的
|
********************************************************************************************
与snmp有关的指令介绍
snmpwalk-v2c-c团体名ip地址:查看某主机的oid信息
1
|
[root@zhu1 ~]# snmpwalk -v2c -c caisangzi 192.168.70.137
|
snmpget
1
2
|
[root@zhu1 ~]# snmpget -v2c -c caisangzi 192.168.70.137 SNMPv2-MIB::sysName.0
SNMPv2-MIB::sysName.0 = STRING: zhu3
|
把内容转化为oid
1
2
|
[root@zhu1 ~]# snmpget -v2c -c caisangzi -On 192.168.70.137 SNMPv2-MIB::sysName.0
.1.3.6.1.2.1.1.5.0 = STRING: zhu3
|
1
2
|
[root@zhu1 ~]# snmptranslate -On SNMPv2-MIB::sysName.0
.1.3.6.1.2.1.1.5.0
|
本文出自 “浪淘沙” 博客,请务必保留此出处http://caisangzi.blog.51cto.com/6387416/1298164