1、如何使用SNMP来监控Linux服务器如何使用SNPM 来监控Linux服务器作 者: icefired (icefired)2005-9-16Keywords SNMP, Linux, Orion NPM, MRTG, Net-SNMPObjects Using SNMP to monitor a Linux server 准 备1 Net-SNMP 5.1.2 或 UCD-SNMP 4.2.3下载:-snmp.org/download.html2 A Linux Server: Redhat Linux 7/8/9,RHEL 3/4 或其他Linux 发行版。3 SNMP Tool: So
2、larwinds toolset V8.2或 Orion Network Performance Monitor V7.8, 其他支持SNMP监控的工具如HP OpenView, IBM NetView, SNMPC V7均可以。步 骤1. 安装Net-SNMP 或UCD-SNMP. (三种方法) 安装Linux系统时自动安装安装Linux系统的时候选择 UCD-SNMP 和 SNMP-Utility两个安装包就可以了。 使用RPM包来安装,这里以Redhat 9为例来说明。先检查有无安装旧的版本: rpm q ucd-snmp全新安装:#rpm ivh net-snmp-5.1.2-1.rh
3、9.i386.rpm#rpm ivh net-snmp-devel-5.1.2-1.rh9.i386.rpm 使用原代码来安装#wget #tar xzvf net-snmp-5.1.3.1.tar.gz#cd net-snmp-5.1.3.1#./configure# make & make install如果没什么问题则顺利完成安装,Linux的安装和命令使用不在本文讨论范围,请大家查询相关手册。2. 配置SNMP 设置SNMPD 服务自动启动# setup 然后勾选上 services - snmpd启动snmpd 进程#service snmpd start 2.2 检查一下snmpd
4、进程是否运行正常# ps ef | grep snmpd 2.3 配置/etc/snmp/snmpd.conf好了,按照前面的步骤我们已经顺利的安装好SNMP服务了,如果使用默认的snmpd.conf 文件,我们将只能够看到系统信息,而不能对系统资源进行监测。下面是一份net-snmp自带的snmpd.conf文件:#-Begin-# snmpd.conf:# An example configuration file for configuring the ucd-snmp snmpd agent.# This file is intended to only be as a startin
5、g point. Many more# configuration directives exist than are mentioned in this file. For # full details, see the snmpd.conf(5) manual page.# All lines beginning with a # are comments and are intended for you# to read. All other lines are configuration commands for the agent.# Access Control# As shipp
6、ed, the snmpd demon will only respond to queries on the# system mib group until this file is replaced or modified for# security purposes. Examples are shown below about how to increase the# level of access.# By far, the most common question I get about the agent is why wont# it work?, when really it
7、 should be how do I configure the agent to# allow me to access it?# By default, the agent responds to the public community for read# only access, if run out of the box without any configuration file in # place. The following examples show you other ways of configuring# the agent so that you can chan
8、ge the community names, and give# yourself write access to the mib tree as well.# For more information, read the FAQ as well as the snmpd.conf(5)# manual page.# First, map the community name public into a security name# sec.name source communitycom2sec notConfigUser default public# Second, map the s
9、ecurity name into a group name:# groupName securityModel securityNamegroup notConfigGroup v1 notConfigUsergroup notConfigGroup v2c notConfigUser# Third, create a view for us to let the group have rights to:# Make at least snmpwalk -v 1 localhost -c public system fast again.# name incl/excl subtree m
10、ask(optional)view systemview included .1.3.6.1.2.1.1view systemview included .1.3.6.1.2.1.25.1.1# Finally, grant the group read-only access to the systemview view.# group context sec.model sec.level prefix read write notifaccess notConfigGroup any noauth exact systemview none none# -# Here is a comm
11、ented out example configuration that allows less# restrictive access.# YOU SHOULD CHANGE THE COMMUNITY TOKEN BELOW TO A NEW KEYWORD ONLY# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.# sec.name source community#com2sec local
12、localhost COMMUNITY#com2sec mynetwork NETWORK/24 COMMUNITY# group.name sec.model sec.name#group MyRWGroup any local#group MyROGroup any mynetwork#group MyRWGroup any otherv3user#.# incl/excl subtree mask#view all included .1 80# -or just the mib2 tree-#view mib2 included .iso.org.dod.internet.mgmt.m
13、ib-2 fc# context sec.model sec.level prefix read write notif#access MyROGroup any noauth 0 all none none#access MyRWGroup any noauth 0 all all all# System contact information# It is also possible to set the sysContact and sysLocation system# variables through the snmpd.conf file:syslocation Unknown
14、(edit /etc/snmp/snmpd.conf)syscontact Root (configure /etc/snmp/snmp.local.conf)# Example output of snmpwalk:# % snmpwalk -v 1 localhost -c public system# system.sysDescr.0 = SunOS name sun4c# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4# system.sysUpTime.0 = Timeticks: (59563
15、7548) 68 days, 22:32:55# system.sysContact.0 = Me # system.sysName.0 = name# system.sysLocation.0 = Right here, right now.# system.sysServices.0 = 72# -# Process checks.# The following are examples of how to use the agent to check for# processes running on the host. The syntax looks something like:#
16、 proc NAME MAX=0 MIN=0# NAME: the name of the process to check for. It must match# exactly (ie, http will not find httpd processes).# MAX: the maximum number allowed to be running. Defaults to 0.# MIN: the minimum number to be running. Defaults to 0.# Examples (commented out by default):# Make sure
17、mountd is running#proc mountd# Make sure there are no more than 4 ntalkds running, but 0 is ok too.#proc ntalkd 4# Make sure at least one sendmail, but less than or equal to 10 are running.#proc sendmail 10 1# A snmpwalk of the process mib tree would look something like this:# # % snmpwalk -v 1 loca
18、lhost -c public .1.3.6.1.4.1.2021.2# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3# enterprises.ucdavis.procTable.prEntry.prNames.1 = mountd# enterprises.ucdavis.procTable.prEntry.prNames.
19、2 = ntalkd# enterprises.ucdavis.procTable.prEntry.prNames.3 = sendmail# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0# enterprises.ucdavis.proc
20、Table.prEntry.prMax.2 = 4# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1# enter
21、prises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = No mountd process running.# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = # enterprises.ucdavis.procTable.prEntry.prErrMessage.
22、3 = # enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0# Note that the errorFlag for mountd is set to 1 because one is not# running (in this case an rpc.mountd is, but thats not good enough
23、),# and the ErrMessage tells you whats wrong. The configuration# imposed in the snmpd.conf file is also shown. # # Special Case: When the min and max numbers are both 0, it assumes# you want a max of infinity and a min of 1.# -# Executables/scripts# You can also have programs run by the agent that r
24、eturn a single# line of output and an exit code. Here are two examples.# exec NAME PROGRAM ARGS .# NAME: A generic name.# PROGRAM: The program to run. Include the path!# ARGS: optional arguments to be passed to the program# a simple hello world#exec echotest /bin/echo hello world# Run a shell script
25、 containing:# #!/bin/sh# echo hello world# echo hi there# exit 35# Note: this has been specifically commented out to prevent# accidental security holes due to someone else on your system writing# a /tmp/shtest before you do. Uncomment to use it.#exec shelltest /bin/sh /tmp/shtest# Then, # % snmpwalk
26、 -v 1 localhost -c public .1.3.6.1.4.1.2021.8# enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1# enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2# enterprises.ucdavis.extTable.extEntry.extNames.1 = echotest# enterprises.ucdavis.extTable.extEntry.extNames.2 = shelltest# enterprises.ucdavis.ex
27、tTable.extEntry.extCommand.1 = /bin/echo hello world# enterprises.ucdavis.extTable.extEntry.extCommand.2 = /bin/sh /tmp/shtest# enterprises.ucdavis.extTable.extEntry.extResult.1 = 0# enterprises.ucdavis.extTable.extEntry.extResult.2 = 35# enterprises.ucdavis.extTable.extEntry.extOutput.1 = hello wor
28、ld.# enterprises.ucdavis.extTable.extEntry.extOutput.2 = hello world.# enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0# enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0# Note that the second line of the /tmp/shtest shell script is cut# off. Also note that the exit status of 35 was returned.# -# disk checks# The agent can check the amount of available disk space, and make# s
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1
升级会员 