<span style="font-size:14px;">本文介绍怎样在CentOS环境下配置一个简单的SNMP服务</span>
软件安装
切换到系统管理员帐户
安装snmp
确认snmp代理已安装
rpm -q net-snmp
假设未安装。安装snmp
yum install net-snmp
设置开机自己主动执行snmp
/sbin/chkconfig snmpd on配置snmp
改动配置文件
将原来的配置文件备份。编辑/etc/snmp/snmpd.conf,简单配置例如以下
# First, map the community name "public" into a "security name" # sec.name source community com2sec notConfigUser default public #### # Second, map the security name into a group name: # groupName securityModel securityName group notConfigGroup v1 notConfigUser group notConfigGroup v2c notConfigUser #### # Third, create a view for us to let the group have rights to: # Make at least snmpwalk -v 1 localhost -c public system fast again. # name incl/excl subtree mask(optional) view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 #### # Finally, grant the group read-only access to the systemview view. # group context sec.model sec.level prefix read write notif access notConfigGroup "" any noauth exact systemview none none
启动snmp
/etc/init.d/snmpd start
假设已启动则重新启动snmp服务
/etc/init.d/snmpd restart
測试snmp
查看port是否打开
netstat -ln | grep 161
安装snmp測试工具
yum install net-snmp-utils
本机測试snmp数据(改动monit为配置的团体名)
snmpwalk -v 2c -c public localhost system
snmpwalk -v3 -u username -l auth -a MD5 -A password localhost
创建SNMP(v3)用户
net-snmp-config --create-snmpv3-user -ro -a MD5 lyceemsnmp lyceem.com
远程測试snmp数据(改动ip为serverip,snmpwalk命令须要安装net-snmp)
snmpwalk -v 2c -c public ip system
故常处理
错误排除假设本地測试snmp有数据。远程測试snmp无数据则因为server防火墙禁止了外部訪问serverudp 161port,则:改动 /etc/sysconfig/iptables (或者:/etc/sysconfig/iptables-config ) ,添加例如以下规则:
-A RH-Firewall-1-INPUT -p udp -m state Cstate NEW -m udp Cdport 161 -j ACCEPT
重新启动iptables
/etc/init.d/iptables restart
版权声明:本文博主原创文章,博客,未经同意不得转载。