Centos net-snmp 的安装及配置

时间:2021-09-15 16:51:50

1、net-snmp的安装

1.1 切换到系统管理员帐户:

[root@localhost ~]# sudo -i

1.2 确认snmp是否已安装
[root@localhost ~]# rpm -q net-snmp
package net-snmp is not installed

1.3 如果未安装,安装snmp
[root@localhost ~]# yum install net-snmp

...自动下载安装

安装完成再次检查

[root@localhost ~]# rpm -q net-snmp
net-snmp-5.5-50.el6_6.1.x86_64

1.4 设置开机自动运行snmp
[root@localhost ~]# /sbin/chkconfig snmpd on


 

2、修改配置文件snmpd.conf (/etc/snmp/snmpd.conf)

可以将原来的配置文件备份,编辑/etc/snmp/snmpd.conf

[root@localhost ~]# cd /etc
[root@localhost etc]# cd snmp
[root@localhost snmp]# ls
snmpd.conf  snmptrapd.conf
[root@localhost snmp]# cp snmpd.conf snmpd_bk.conf
[root@localhost snmp]# ls
snmpd_bk.conf  snmpd.conf  snmptrapd.conf

使用vi指令修改(vi指令的使用参考:http://blog.csdn.net/zeweig/article/details/40626135
[root@localhost snmp]# vi snmpd.conf
/etc/snmp/snmpd.conf,简单配置如下:

# First, map the community name "public" into a "security name"

#       sec.name  source          community
com2sec notConfigUser  default       public

####
# Second, map the security name into a group name:

#       groupName      securityModel securityName
group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser

####
# Third, create a view for us to let the group have rights to:

# Make at least  snmpwalk -v 1 localhost -c public system fast again.
#       name           incl/excl     subtree         mask(optional)
view    systemview    included   .1.3.6.1.2.1.1
view    systemview    included   .1.3.6.1.2.1.25.1.1

####
# Finally, grant the group read-only access to the systemview view.

#       group          context sec.model sec.level prefix read   write  notif
access  notConfigGroup ""      any       noauth    exact  systemview none none

 

3、启动snmp (/etc/init.d/snmpd start)
[root@localhost init.d]# snmpd start
如果已启动则重启snmp服务
/etc/init.d/snmpd restart

 

4、测试snmp
4.1 查看端口是否打开
[root@localhost init.d]# netstat -ln | grep 161
4.2 安装snmp测试工具
[root@localhost init.d]# yum install net-snmp-utils

4.3 本机测试snmp数据

snmpwalk -v 2c -c public localhost system

snmpwalk -v3 -u username -l auth -a MD5 -A password localhost

创建SNMP(v3)用户

net-snmp-config --create-snmpv3-user -ro -a MD5 lyceemsnmp lyceem.com

远程测试snmp数据(修改ip为服务器ip,snmpwalk命令需要安装net-snmp)
snmpwalk -v 2c -c public ip system

 

5、故常处理
错误排除如果本地测试snmp有数据,远程测试snmp无数据则由于服务器防火墙禁止了外部访问服务器udp 161端口,则:
修改 /etc/sysconfig/iptables (或者:/etc/sysconfig/iptables-config ) ,增加如下规则:
-A RH-Firewall-1-INPUT -p udp -m state Cstate NEW -m udp Cdport 161 -j ACCEPT
重启iptables
/etc/init.d/iptables restart

 

原文来自: http://www.2cto.com/os/201408/327934.html