Shulou(Shulou.com)06/01 Report--

Download the CentosSNMP service first

Yum install-y net-snmp net-snmp-devel net-snmp-utils

two。 Configure SNMP service after installation is complete

[root@vpv-zhu ~] # cat / etc/snmp/snmpd.conf | grep-vE "^ # | ^ $" com2sec notConfigUser default publicgroup notConfigGroup v1 notConfigUsergroup notConfigGroup V2C notConfigUserview systemview included. 1.3.6.1.2.1.1view systemview included .1.3.6.1.2.25.1.1access notConfigGroup "" any noauth exact systemview none nonesyslocation Unknown (edit / etc/snmp/snmpd.conf) syscontact Root ( Configure / etc/snmp/snmp.local.conf) dontLogTCPWrappersConnects yes parameter description: # format: com2sec [- Cn context] sec.name source community# com2sec: fixed command # [- Cn context]: optional In v3 version # sec.name: internally mapped names and strings are used. When building groups, you need to use # source: a range of ip addresses that can be accessed. The default value is "default", that is, any ip can be accessed. You can also use the restriction 192.168.1.0 community 24, or 192.168.1.0 community 255.255.255.entity string, the name used externally in com2sec notConfigUser default public# format: group groupName securityModel sec.name# group: fixed command # groupName: group name # securityMode1: v1recoveryusmdirection tsmsmKSM # sec.name: map the sec.name to a group, with the same access permissions in the group. Group notConfigGroup V2C notConfigUser# format: view viewName type oid [mask] # view: define a view that represents subtrees in the entire OID tree. Multiple view# viewName can be defined in the same subtree: view names # type: included and exclude (inclusive and excluded) # oid: accessible oid# [mask]: mask example for oid: view all include 1.3.6.1.2.1.4 0xf0# 0xf0:1111 0000 That is, the first four digits of the accessed oid must be 1.3.6.1, otherwise it cannot be accessed, that is, all sub-oidview systemview included under 1.3.6.1 can be accessed. 1.3.6.1.2.1.25.1.1 # format: access groupName context model level prefx view read write # access: set access to a view # groupName: group name that controls access # context:v1 and V2C version Context must be set to'# mode1:v1, V2C, usm, tsm, ksm. The last three are v3 version authorization mode, usm (user-based authentication), tsm (SSH or DTLS),) ksm (to support Kerberos) # level: noauth, auth, priv. Noauth (access without permission is allowed, v1dyne V2C is available), auth (permission is required to access), pric (forced encrypted access) # prefx: exact or prefix (precision or prefix) # view read, write: indicate whether the permission of a certain view can be GET*, SET*, if the view cannot be read or write, then set noneaccess notConfigGroup "" any noauth exact systemview none none# if not commented out, the production log will be added to log Only disable other specific parameters of dontLogTCPWrappersConnects yessyslocation Unknown (edit / etc/snmp/snmpd.conf) syscontact Root (configure / etc/snmp/snmp.local.conf) during debugging. Please refer to the official instruction http://www.NET-snmp.org/docs/man/snmpd.conf.html.

3. Just start the SNMP service

Service snmpd startchkconfig-- add snmpd 3pm 5 on

4. Verify that the service started successfully

[root@vpv-zhu ~] # snmpwalk-v 2c-c public localhost sysNameSNMPv2-MIB::sysName.0 = STRING: as above, you can get the hostname, indicating that the SNMP service can use [root@vpv-zhu ~] # snmptranslate-To normally | head-n3.1.3.3.6.1.3.6.as above Indicates that the SNMP tool can use [root@vpv-zhu ~] # snmpwalk-v 2c-c public 10.60.12.64 sysName# to test whether the remote Linux service is working, if the remote hostname is not available Check the remote Linux firewall [root@vpv-zhu ~] # snmpwalk-v 2c-c public localhost 1.3.6.1.4.1.2021.11.11.0UCD-SNMP-MIB::ssCpuIdle.0 = No more variables left in this MIB View (It is past the end of the MIB tree) # as above indicates that there is no way to get the CPU idle state (Note: 1.3.6.1.4.1.2021.11.11.0 is the oid of the host CPU idle rate)

5. To get some important information about the host, modify the default configuration of snmp

View systemview included .1.3.6.1.2.25.1.1 # view defines which node device information can be accessed view systemview included. / # makes access to all information (more dangerous)

Note: firewall is required to open UDP port 161,

Snmp simple oid list: http://www.ttlsa.com/monitor/snmp-oid/

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.