点击详细信息;
4. 选中“简单网络管理协议”;
5. “确定”后点击“下一步”直至完成安装;
完成上述配置后,采集服务器通过161端口由SNMP协议进行采集。
UNIX操作系统
目录结构:
把netsnmp包放到/usr目录下
netsnmp/bin(包含应用程序snmpd和启动文件snmpd.start,启动前修改snmpd.start中的主机
名和端口)
/etc(包含snmpd.conf,需要根据主机的实际情况做配置,见下实例) /lib(包含libz.so.1)
snmpd.conf配置实例
############################################################################### #
# snmpd.conf:
# An example configuration file for configuring the ucd-snmp snmpd agent. #
############################################################################### #
# This file is intended to only be as a starting point. Many more # configuration directives exist than are mentioned in this file. For # full details, see the snmpd.conf(5) manual page. #
# All lines beginning with a '#' are comments and are intended for you # to read. All other lines are configuration commands for the agent.
############################################################################### # Access Control
###############################################################################
# As shipped, the snmpd demon will only respond to queries on the # system mib group until this file is replaced or modified for
# security purposes. Examples are shown below about how to increase the # level of access.
# By far, the most common question I get about the agent is \# it work?\# allow me to access it?\#
# By default, the agent responds to the \# only access, if run out of the box without any configuration file in # place. The following examples show you other ways of configuring # the agent so that you can change the community names, and give # yourself write access to the mib tree as well. #
# For more information, read the FAQ as well as the snmpd.conf(5) # manual page. ####
# First, map the community name \
限定某些IP地址的主机可以通过community字段采集部署了netsnmp程序。
# sec.name source community com2sec public 202.96.103.49 public com2sec public 202.96.103.50 public com2sec public 172.16.10.3 public com2sec public 172.16.10.4 public ####
# Second, map the security name into a group name: 将这些主机归属到组中分别对应不通的snmp版本。 # groupName securityModel securityName group public v1 public group public v2c public ####
# Third, create a view for us to let the group have rights to: 限制可以采集mib树中的那些值。
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional) view public included .1.3.6.1.4.1.2021 view public included .1.3.6.1.2.1 ####
# Finally, grant the group read-only access to the systemview view. 批准以只读的方式访问
# group context sec.model sec.level prefix read write notif
access public \ any noauth exact public none none
############################################################################### # disk checks #
# The agent can check the amount of available disk space, and make # sure it is above a set limit.
# disk PATH [MIN=100000] #
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set. # Default value = 100000.
# Check the / partition and make sure it contains at least 10 megs. 设定硬盘的mount点 disk / 10000
disk /export/home0 10000
############################################################################### # load average checks #
主机系统的采集通过在主机上安装netsnmp代理来获取主机的信息。 硬盘利用率,内存利用率以及cpu利用率,交换区利用率通过UCD-SNMP-MIB.MY文件进行采集,硬件利用率在采集之前对snmpd.conf文件进行配置,根据机器的配置情况,有几个硬盘就将几个硬盘配置上去,配置方式见配置文件。在配置好snmpd.conf文件后运行/usr/local/sbin/snmpd –L –c ../bin/snmpd.conf启动snmp代理。
由于监控的设备为用户的DNS服务器,怎么样做安全的限制是重要的因素,我们分三层来做限制,第一,只有我的采集器202.96.103.49和202.96.103.50可以通过net_snmp来采集信息,第二,限制采集器只能读所需的信息,对任何OID都没有修改的权限,第三,采集器只能采集有限的几颗树的OID,其它树没有采集的权限。