1、net-snmp的安装
1.1 切换到系统管理员帐户:
[root@localhost ~]# sudo -i
1.2 确认snmp是否已安装
[root@localhost ~]# rpm -q net-snmp
package net-snmp is not installed
1.3 如果未安装,安装snmp
[root@localhost ~]# yum install net-snmp
...自动下载安装
安装完成再次检查
[root@localhost ~]# rpm -q net-snmp
net-snmp-5.5-50.el6_6.1.x86_64
1.4 设置开机自动运行snmp
[root@localhost ~]# /sbin/chkconfig snmpd on
2、修改配置文件snmpd.conf (/etc/snmp/snmpd.conf)
可以将原来的配置文件备份,编辑/etc/snmp/snmpd.conf
[root@localhost ~]# cd /etc
[root@localhost etc]# cd snmp
[root@localhost snmp]# ls
snmpd.conf snmptrapd.conf
[root@localhost snmp]# cp snmpd.conf snmpd_bk.conf
[root@localhost snmp]# ls
snmpd_bk.conf snmpd.conf snmptrapd.conf
使用vi指令修改(vi指令的使用参考:http://blog.csdn.net/zeweig/article/details/40626135)
[root@localhost snmp]# vi snmpd.conf
/etc/snmp/snmpd.conf,简单配置如下:
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access notConfigGroup "" any noauth exact systemview none none
3、启动snmp (/etc/init.d/snmpd start)
[root@localhost init.d]# snmpd start
如果已启动则重启snmp服务
/etc/init.d/snmpd restart
4、测试snmp
4.1 查看端口是否打开
[root@localhost init.d]# netstat -ln | grep 161
4.2 安装snmp测试工具
[root@localhost init.d]# yum install net-snmp-utils
4.3 本机测试snmp数据
snmpwalk -v 2c -c public localhost system
snmpwalk -v3 -u username -l auth -a MD5 -A password localhost
创建SNMP(v3)用户
net-snmp-config --create-snmpv3-user -ro -a MD5 lyceemsnmp lyceem.com
远程测试snmp数据(修改ip为服务器ip,snmpwalk命令需要安装net-snmp)
snmpwalk -v 2c -c public ip system
5、故常处理
错误排除如果本地测试snmp有数据,远程测试snmp无数据则由于服务器防火墙禁止了外部访问服务器udp 161端口,则:
修改 /etc/sysconfig/iptables (或者:/etc/sysconfig/iptables-config ) ,增加如下规则:
-A RH-Firewall-1-INPUT -p udp -m state Cstate NEW -m udp Cdport 161 -j ACCEPT
重启iptables
/etc/init.d/iptables restart
原文来自: http://www.2cto.com/os/201408/327934.html