昨天写了用Cacti监控CentOS主机,今天写下监控Ubuntu主机。其实都是配置SNMP,区别其实不大,但还是记一下吧。
1、先安装SNMP及相关软件包
sudo apt update
sudo apt upgrade -y
root@hs01:~# apt install snmp snmpd snmp-mibs-downloader
#装完SNMPD自动启动,设置开机运行
root@hs01:~# systemctl enable snmpd
snmpd.service is not a native service, redirecting to systemd-sysv-install
Executing /lib/systemd/systemd-sysv-install enable snmpd
2、修改配置文件:
vim /etc/snmp/snmpd.conf
#2.1 约15-17行左右,改成如下,以允许远程SNMP访问
#agentAddress udp:127.0.0.1:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161
#2.2 45行左右,改成如下,允许查询更多信息
#view systemonly included .1.3.6.1.2.1.1
#view systemonly included .1.3.6.1.2.1.25.1
view systemonly included .1
#2.3 51行左右,修改通讯字串(密码)
rocommunity <你的密码> default -V systemonly
# rocommunity6 is for IPv6
rocommunity6 <你的密码> default -V systemonly
#2.4 第79行左右,更改位置和联系人信息(可选)
sysLocation Location Information
sysContact Me <xxx.xxx@xxx.xx.xx>
修改snmp配置文件,提高SNMP可阅读性
root@hs01:~# vim /etc/snmp/snmp.conf
#把下面这个注释掉
#mibs :
改完重启服务
systemctl restart snmpd
远程测试SNMP配置是否ok
[root@AX ~]# snmpwalk -v2c -c xxxxxx xx.xxx.xx.x 1.3.6.1.2.1.1.1
SNMPv2-MIB::sysDescr.0 = STRING: Linux hs01.xx.xxx.co.uk 4.4.0-142-generic #168-Ubuntu SMP Wed Jan 16 21:00:45 UTC 2019 x86_64
3、如果本地 snmpwalk -v2c -c xxxxxx localhost 1.3.6.1.2.1.1.1可以取得信息,而远程不行的话,可以通过以下步骤查看
#3.1 查看本机侦听端口,以下表示允许远程访问:
axing@hs01:~$ netstat -antup | grep 161
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
udp 0 0 0.0.0.0:161 0.0.0.0:* -
udp6 0 0 ::1:161 :::*
#3.2 查看ufw防火墙,有没有开放161端口,没有的话使用ufw allow 161来添加
axing@hs01:~$ sudo ufw status
[sudo] password for axing:
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
161 ALLOW Anywhere
4、Cacti添加主机监控。通用操作,不详细写了。
