|
由于服务器账号密码要定期更改,监控服务器一般不应使用可登录的账号,而应该使用SNMP协议获取服务器信息。记录一下CentOS 7配置SNMPv3服务的过程。
安装SNMP服务
yum install net-snmp net-snmp-devel net-snmp-utils
配置SNMPv3,编辑配置文件/etc/snmp/snmpd.conf
vim /etc/snmp/snmpd.conf
在/etc/snmp/snmpd.conf中添加一行??view ? ?systemview ? ?included ? .1
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
配置SNMPv3信息,net-snmp-config --create-snmpv3-user -ro -a 验证密码 -A 验证协议 -x 加密密码 -X 加密协议 用户名。本例用户名为monitor,配置成功后会有回显。
net-snmp-config --create-snmpv3-user -ro -a snmpv3auth -A MD5 -x snmpv3pri -X DES monitor
adding the following line to /var/lib/net-snmp/snmpd.conf:
createUser monitor MD5 "snmpv3auth" DES snmpv3pri
adding the following line to /etc/snmp/snmpd.conf:
rouser monitor
?配置防火墙开放udp协议161端口
firewall-cmd --permanent --add-port=161/udp
firewall-cmd --reload
firewall-cmd --list-all
启动SNMP服务
systemctl enable snmpd
systemctl start snmpd
验证获取信息
snmpwalk -v3 -u monitor -l authPriv -a MD5 -A snmpv3auth -x DES -X snmpv3pri 192.168.1.1 .1.3.6.1.2.1.1.1
|