差異處

這裏顯示兩個版本的差異處。

連向這個比對檢視

兩邊的前次修訂版 前次修改
下次修改
前次修改
tech:centos_snmp [2018/06/14 10:15] Jonathan Tsaitech:centos_snmp [2018/10/29 18:25] (目前版本) Jonathan Tsai
行 1: 行 1:
 +====== CentOS 7 SNMP 設定 ======
 +
 +  * 安裝環境 : CentOS Linux release 7.5.1804 (Core)
 +  * getenforce : Disabled
 +  * firewall-cmd --list-services : http https ssh **snmp**
 +
 +===== 安裝套件 =====
 +<code sh>
 +yum -y install net-snmp net-snmp-utils
 +</code>
 +
 +===== 設定 snmp 的定義 =====
 +  * 設定 192.168.1. 的網段可以透過 community nms01 讀取
 +  * 設定 192.168.0. 的網段可以透過 community nms02 讀取
 +<code sh>vi /etc/snmp/snmpd.conf</code><file>
 +com2sec notConfigUser  default       public
 +com2sec local localhost public
 +com2sec mynetwork 192.168.1.0/24 nsm01
 +com2sec mytpnetwork 192.168.0.0/24 nms02
 +
 +group MyRWGroup v1 local
 +group MyRWGroup v2c local
 +group MyROGroup v1 mynetwork
 +group MyROGroup v2c mynetwork
 +group MyROGroup v1 mytpnetwork
 +group MyROGroup v2c mytpnetwork
 +
 +view    systemview    included   .1.3.6.1.2.1.1
 +view    systemview    included   .1.3.6.1.2.1.25.1.1
 +
 +access  notConfigGroup ""      any       noauth    exact  systemview none none
 +
 +view all    included  .1                               80
 +
 +access MyROGroup "" any noauth prefix all none none
 +access MyRWGroup "" any noauth prefix all all all
 +
 +syslocation New Taipei City, Taiwan
 +syscontact InfoTech <[email protected]>
 +
 +dontLogTCPWrappersConnects yes
 +
 +proc snmpd
 +
 +disk / 10%
 +</file><code sh>
 +systemctl restart snmpd.service
 +systemctl enable snmpd.service
 +</code>
 +
 +===== 驗證與測試 =====
 +  * 主機端確認 snmp 服務有啟動<code sh>
 +systemctl status snmpd.service
 +netstat -auntp | grep snmp
 +</code>
 +  * 在網管端 Exp. 192.168.1.200 使用 snmpwalk -c nms01 進行檢測<code sh>
 +snmpwalk -c public -v 2c 192.168.0.233
 +</code>
 +
 +<note>
 +  * snmpwalk 結果出現 <code>
 +No Response from xxx.xxx.xxx.xxx</code>
 +  * server log 出現類似 <code>
 +snmpd[942]: Connection from UDP: [192.168.xxx.xxx]:45239->[192.168.xxx.xxx]:161 REFUSED</code>
 +
 +  * 可能就需要在 /etc/hosts.allow 裡面加入 snmp client 端的 IP Exp.192.168.1.240<code h /etc/hosts.allow>
 +#
 +# hosts.allow   This file contains access rules which are used to
 +#               allow or deny connections to network services that
 +#               either use the tcp_wrappers library or that have been
 +#               started through a tcp_wrappers-enabled xinetd.
 +#
 +#               See 'man 5 hosts_options' and 'man 5 hosts_access'
 +#               for information on rule syntax.
 +#               See 'man tcpd' for information on tcp_wrappers
 +#
 +sshd:ALL
 +snmpd: 192.168.1.240
 +</code>
 +</note>
 +
 +===== 參考網址 =====
 +  * http://blog.jangmt.com/2015/09/centos-7-snmpd-centos-7-snmp-install.html
 +  * https://www.liquidweb.com/kb/how-to-install-and-configure-snmp-on-centos/
 +  * http://blog.secaserver.com/2012/08/snmpd-connection-udp-refused/
 +
 +
 +{{tag>NMS snmp}}
  
  • tech/centos_snmp.txt
  • 上一次變更: 2018/10/29 18:25
  • Jonathan Tsai